04d2b1cf6b727e1b2e47c100d3274a53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04d2b1cf6b727e1b2e47c100d3274a53_JaffaCakes118
Size

1.8MB
MD5

04d2b1cf6b727e1b2e47c100d3274a53
SHA1

0b551b6e6ee65a20bed84172c72dabe1e60bc71a
SHA256

9f2f347f08b620b2c51ed4f78b6c1e799f5cd85c06f3d011f57282002910ec89
SHA512

bb9924769dec3f6571e23b54dae76eade6588e71846a624f5989c52c9b7f1c07a40c1629b796e68e7e35f3a3a0fee0dd2c08d73b53e1f99e0bdf2d4a7cbc97f0
SSDEEP

24576:TNFaxcEFTmL6Rory5ozRLuMD/FZ4dnrZAL01bJewSzyAARlw1vWukYjcrt3:sFqL6RAywvD/FZ4drr54/ypj+pAt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d2b1cf6b727e1b2e47c100d3274a53_JaffaCakes118

Files

04d2b1cf6b727e1b2e47c100d3274a53_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2ba479f93ea5c69f3f2b2d3524ec6530

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32 kernel32

GetVersion Ӳ(

Exports

Exports

RunDllHostCallBack

Sections

.text
Size: 648KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ