09b557d7c5f3422063720548d03e9459_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09b557d7c5f3422063720548d03e9459_JaffaCakes118
Size

38KB
MD5

09b557d7c5f3422063720548d03e9459
SHA1

3051a1c5bf9e36022052f8e94e050518a7cd5e7a
SHA256

c1b54bfa09b6797c44910a9ce3b7cf16cef4f95bdc512e0e03a8e44ad85b6c79
SHA512

376737bf116007fca011b1a8c4a23cada14509fd0a9b34b92d59b8893813a700846ea2973cc04da279da6402fc3826e594de0aea94bda8bad3de4e0ae19de401
SSDEEP

768:zpFZ8X3+cCZ/VBDTHPg2aAEYfHnFm6qjN/DyxRszGSIu:HZ8H+n/jH5QYtJq5uCGSH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09b557d7c5f3422063720548d03e9459_JaffaCakes118

Files

09b557d7c5f3422063720548d03e9459_JaffaCakes118
.dll windows:5 windows x86 arch:x86

99aa31167d676c870d34bd14d0daf311

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetProcessVersion
ExitProcess

shell32

DllRegisterServer

ntdll

NtQueryEvent

Exports

Exports

ReadIhqqanxcef

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qsjhot
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ