eedd44bc138f724e4b3e6e5afd033855_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eedd44bc138f724e4b3e6e5afd033855_JaffaCakes118
Size

16KB
MD5

eedd44bc138f724e4b3e6e5afd033855
SHA1

396df21d26f09eb3a872d6ed053c463f910f7f17
SHA256

99059b0bcc372d498c8ebf454fc4244a750c41c6747ea73bce120eecc76f8c35
SHA512

b34bee7b4cf2356cb296cc8bce4a5d0067c9e3194e9dfc22f3624bf45a5eb0c87d0cda1f93b997776f8b1a077f7b77f7bb3c95d7b556c8c55c9a38c5ba8b03fa
SSDEEP

384:GR5WbG6OyOIvr+VUaNnVOUn/XwT7OBD77vvxlL:GS9TidNVOUn/wTCB37D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eedd44bc138f724e4b3e6e5afd033855_JaffaCakes118

Files

eedd44bc138f724e4b3e6e5afd033855_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b64163d86f3886a6bb7943e9e657f60e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

python33

PyList_New

msvcr100

free

Exports

Exports

PyInit__testbuffer

Sections

.MPRESS1
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE