fe4b5f1e22866d4492fd359126ef8992_JaffaCakes118 | Triage

Sharing

General

Target

fe4b5f1e22866d4492fd359126ef8992_JaffaCakes118
Size

18KB
MD5

fe4b5f1e22866d4492fd359126ef8992
SHA1

0f67750db1ca87fc9c76a324e9937127a5c01276
SHA256

6093cd8955e66a8380767f104605fa9774bde15a19dced0b8e7cfa6a40af0f39
SHA512

30bc1ce522079aa8ca38ff7f66ad030a35aadd6c51720311c6a8fd0d9f9b447da1c437d4164e72b6a13d201e8d08ef68aa08e8c81a6a5002f40e1ef082b8b584
SSDEEP

192:Gz8NABHFTuAcS2PcZ6aD7JQp95aQrNpty5s1EsS/vkK1adj+igDjbKz0iKvNgw0a:GzYABwFeJCzEs+vvb1aCDjbKdKm7K0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe4b5f1e22866d4492fd359126ef8992_JaffaCakes118

Files

fe4b5f1e22866d4492fd359126ef8992_JaffaCakes118
.dll .js windows:4 windows x86 arch:x86 polyglot

4a5c7016f8a55183eaacea531147a4be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
InterlockedExchange
VirtualQuery
LoadLibraryA

Exports

Exports

DllInstall

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ