0d3e38627193e0a872085ab711bb4d70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d3e38627193e0a872085ab711bb4d70_JaffaCakes118
Size

5KB
MD5

0d3e38627193e0a872085ab711bb4d70
SHA1

1471d8ca50f0729a980a8f2d3e21b805164ceffa
SHA256

f4bf0019fa7cc12db3ad2e5392b126704b39366f7d0c9a61d7440bfba960a1ed
SHA512

0995ae915e9749f31387680281b45def9c2134738bc54b0db6a3d83f52263d2d8ecbb9b1212ada136bf4021d3eccaad2162d0796cc34b34bdf86001410d5d882
SSDEEP

48:qfAVqmtqcRH9rhWR0OCxPWE7+PIExjJYKho5AYJfax3X6F6tMPZT5MGFBo5j5x6Q:FtrRdrY0x7+PZJ+oPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d3e38627193e0a872085ab711bb4d70_JaffaCakes118

Files

0d3e38627193e0a872085ab711bb4d70_JaffaCakes118
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

rundll32

Sections

.text
Size: 1024B - Virtual size: 778B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ