098b431672639ba1615afa1ed546dabe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

098b431672639ba1615afa1ed546dabe_JaffaCakes118
Size

2.2MB
MD5

098b431672639ba1615afa1ed546dabe
SHA1

5a63b69509eda749fd9c2750806bc7d2892fe215
SHA256

b4cf523eac676e5db4d973da9c0e06789125e8488fcaf21f868e708bc1b2f2ae
SHA512

a06ed1d08ac487ab2d11b33bf4e5a7bd726938553110a526f829a33a19471af7bd7d917c545f23e263d3cd66fe5f89ba7fdb33ca60bcd7f075fb7b921b3788cb
SSDEEP

49152:SGdoRwl4QNlhVea85lxUf5lSwRe+SNxdmDlLlqq6Q/B:boQ3ZoagLUfDSwRo4xLAyB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
098b431672639ba1615afa1ed546dabe_JaffaCakes118

Files

098b431672639ba1615afa1ed546dabe_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1138a98d2c3297c10326e612eb838931

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy

Sections

Size: 306KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zsscqywl
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aeyzqlmi
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE