Static task: static1
Behavioral task: behavioral1
Sample: 09596e31a3c95278fcdb89d813050740_JaffaCakes118.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 09596e31a3c95278fcdb89d813050740_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: 09596e31a3c95278fcdb89d813050740_JaffaCakes118
Size: 124KB
MD5: 09596e31a3c95278fcdb89d813050740
SHA1: 5282c2bf64760c58c4836ac8ae7e774bae2cd09f
SHA256: 428722ccc42e2b3bd4c75b6a7661cb0c3effb9c9dc44b0e1450333706dce566d
SHA512: f770bf93c2b02d19535cb06bb8f8f374ccdcf966f01e53dec1ffa98f60e258fd79b0562c0825e048d64fd0781b80b2c49dc4b738dd3baf0e3b8dcf0dad4d2401
SSDEEP: 1536:6RZU+CuL/Vu9RMjfOf/GxRYrahBYupvw+Up/HaTBObBC/QRIDYDUgbbKc8KeQcfX:6HXVu9cfOfkeupvwBMvYL4gTL0X
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 09596e31a3c95278fcdb89d813050740_JaffaCakes118
Files
09596e31a3c95278fcdb89d813050740_JaffaCakes118.dll windows:4 windows x86 arch:x86
a5f7221381d6b456daee8bd17654b86f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
pichelp
ord1
ord2
ord3
kernel32
Sections
.text Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 3.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ