071ef8e0fe9cf33c3811964071fd751c_JaffaCakes118 | Triage

Sharing

General

Target

071ef8e0fe9cf33c3811964071fd751c_JaffaCakes118
Size

45KB
MD5

071ef8e0fe9cf33c3811964071fd751c
SHA1

9536836b9b2fe398f31bf83d4617eb6cc696e5a9
SHA256

df761c26bfe985c1eafc4f15d1321bbe5ca19a3f473059d2eba2c60f14b50808
SHA512

e8840fd7f03f6dae4e954d57a1841e135fb9fc4452700d831ff4d70e0779d47448b41e6bd6d414c33d354af2a090e8784566fa8d2a2986c57de87b1c227d80c2
SSDEEP

768:RCDLdCMsCqSFXBsS9hmQrweVDQXWHIQZvTBR56n50PSe3gYqT8CafuCGyPpzQ9j+:RILdCYr1P9hmPeV0WHI2rw50KeQz8Gyh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
071ef8e0fe9cf33c3811964071fd751c_JaffaCakes118

Files

071ef8e0fe9cf33c3811964071fd751c_JaffaCakes118
.dll windows:3 windows x86 arch:x86

3b2bdd6f168ebc648729bd8cff3bd874

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
LoadLibraryExA
OpenThread
CreateSemaphoreA
GetCurrentThreadId
ExitProcess

Exports

Exports

CreateProcessNotify
DllEntryPoint

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ldata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ