fb053f94622f836ee648d0a95ce8754f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb053f94622f836ee648d0a95ce8754f_JaffaCakes118
Size

92KB
MD5

fb053f94622f836ee648d0a95ce8754f
SHA1

46bbeff335a3af49dee941c5c529331119648c25
SHA256

e5acac6e39ea8901923c51fb2ee24b41efc8b176d06fbdeb3f6907832a119135
SHA512

236dd8d210e18e3d6f057e6f824b7a55405dda8667c6597777d5af835317d70df9d52898e41996b6a7f054f7f9727afc449dc85f1bc507fd3630f81f53b6851c
SSDEEP

1536:4SgM9SZjxXiz87XJ7JQ8EZ1fzA3bKhIbO4z9QSkHKF2p1ofIlnAROUks+Pp4Wu:4bM9T8757/EZFM3ba1d+Y1ofIlAREPpW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb053f94622f836ee648d0a95ce8754f_JaffaCakes118

Files

fb053f94622f836ee648d0a95ce8754f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dbe454b1e292824bbc9a12cc8a20b290

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
OpenEventA
LoadLibraryExA
GetProcAddress
LeaveCriticalSection

advapi32

RegCloseKey

ole32

IsEqualGUID

oleaut32

LoadTypeLib

shell32

SHGetMalloc

user32

SetTimer

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.itex
Size: 90KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE