fd75b4e0ad0b34f9dcb1b039bdfa15e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd75b4e0ad0b34f9dcb1b039bdfa15e4_JaffaCakes118
Size

52KB
MD5

fd75b4e0ad0b34f9dcb1b039bdfa15e4
SHA1

df88b5ba00ef29fc53af80707c66cdaf0facc6fa
SHA256

d695de5b381210f3d95b5084885b46414fc2e1aecee94f417f2c075e99667a7a
SHA512

b90f37703e00d8fe78b9c5bc7d3f16f9d2d6eb67ad38ff9d03bda84d024431db52f53cb563b738ba304ffce71f18a31d240670a1c5a84b2c9a856e33e62b24da
SSDEEP

1536:osgvYyaBik0w8S3obENsE9zBhWIUO+pye4OJcy:osHvTYbEyE9zBhWhdwcJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd75b4e0ad0b34f9dcb1b039bdfa15e4_JaffaCakes118

Files

fd75b4e0ad0b34f9dcb1b039bdfa15e4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

Exports

Exports

Init
Proc

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ