01840f34d8a09892fe623d42f82f53ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01840f34d8a09892fe623d42f82f53ec_JaffaCakes118
Size

89KB
MD5

01840f34d8a09892fe623d42f82f53ec
SHA1

60427a19cff04603e7f21205b595dd2c1c5eb9b5
SHA256

b9baaeb3937f89b0a1d00c27f1efbf2a6a8241881bd145a1f6bbb96fe45e348e
SHA512

6b57792bdf61391403b9ac57aa7df68be704dda93fea92a44bb1227cc72e1eb06efd6da0323c911d45bd7ed2589e1a9830d8e92a2a6fc77d5861844aabc4f2ce
SSDEEP

1536:BZ93rOmDCvFW0AjARpmw1G5b2VVrWz4eahIs3pKhu8l2ZvCP+:BH3jCvFlSaow14b2HrWz1ahJ3pyu8ovf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01840f34d8a09892fe623d42f82f53ec_JaffaCakes118

Files

01840f34d8a09892fe623d42f82f53ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e9c2faf6a1db5779b32f722e67245dd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryA
GetModuleHandleA
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetLastError
CreateMutexA
SetLastError
GetModuleFileNameA
VirtualProtect

msvcrt

memset
sprintf
memcpy

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE