f557d63436cb270fef62cbeab36db51c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f557d63436cb270fef62cbeab36db51c_JaffaCakes118
Size

53KB
MD5

f557d63436cb270fef62cbeab36db51c
SHA1

a51d30cf83a6495b3f0aed00eb29585075b1fa99
SHA256

feb870eced1631ec8387ae075939f77bb1947d1b4dedff9a63a0e2debdfe28e5
SHA512

e15d17693645fd1c277d64f115ddd6d4bccd0be6e490288687c0fdfd322a663488cd2d56c03d001ae0c6dc1099a4cf0349396e942f38989016b895a2056f4156
SSDEEP

1536:0ZRKQpHZVOwazD+HPB8WbnysRASYFGIsH:0ZRKQp5VLy+vWWbysRgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f557d63436cb270fef62cbeab36db51c_JaffaCakes118

Files

f557d63436cb270fef62cbeab36db51c_JaffaCakes118
.dll windows:6 windows x86 arch:x86

945a0c9c0c491d7eca15ef03653a5a8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

python37

PyList_New

qt5gui

??1QValidator@@UAE@XZ

qt5qml

??1QJSValue@@QAE@XZ

qt5core

??1QUrl@@QAE@XZ

vcruntime140

memcpy

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-runtime-l1-1-0

_cexit

Exports

Exports

PyInit_QtQml

Sections

.MPRESS1
Size: 49KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE