fffcaee9902c7a19b6eb73085f386e18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fffcaee9902c7a19b6eb73085f386e18_JaffaCakes118
Size

109KB
MD5

fffcaee9902c7a19b6eb73085f386e18
SHA1

fbd91fe4ac0efdd986ccad971ff78a6dc5dc13e5
SHA256

de98f1a5f06a53777f2dd6645c790c4baa27b9023eada5137dbd5bfca04c59c6
SHA512

bd938ffe7dcbc1a6b44070f2af4b6df0002b3ed4e2e68be2d591fe757432fce50201bef75aae8a189663c4751e6b0292aeabd429e9d5e00972d28333707af9d3
SSDEEP

3072:nBOA5/lDIz6suKUkzM2pI0zr/IW+PVrBZ+TAJW:n0ADIzbBEd9rBYTMW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fffcaee9902c7a19b6eb73085f386e18_JaffaCakes118

Files

fffcaee9902c7a19b6eb73085f386e18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9b6056a749e236b76dc6e90682c23214

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetDateFormatA
LeaveCriticalSection
LoadLibraryA
TlsFree
lstrcmpiA
lstrlenA

Sections

.sforce3
Size: 25KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ