06094b3923b9b903ef849bef8d74ef6c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06094b3923b9b903ef849bef8d74ef6c_JaffaCakes118
Size

3KB
MD5

06094b3923b9b903ef849bef8d74ef6c
SHA1

8d97ffb2d8d8bf11231b350d05ef3211c05901a9
SHA256

b07fd3a11a1660db0b637ac3747251a5902fde13c09b6d36341064245d233e1b
SHA512

60c7e3bbc5a98c6f8d52eb5bba3ea79e014385371c9848cf656108556daf9c4afdbdfc1eb29888a4aa208c66a64a002c490d40b57576172e0f9e8d610c5bec9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06094b3923b9b903ef849bef8d74ef6c_JaffaCakes118

Files

06094b3923b9b903ef849bef8d74ef6c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a2467e7906298dd5da9b52c29f09177a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateRemoteThread
GetProcAddress
LoadLibraryA
OpenProcess
VirtualAllocEx
WriteProcessMemory
CloseHandle

Exports

Exports

UnloadLibrary

Sections

.text
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ