0ee95668f57e1e43f618dca3236d7703_JaffaCakes118 | Triage

Sharing

General

Target

0ee95668f57e1e43f618dca3236d7703_JaffaCakes118
Size

69KB
MD5

0ee95668f57e1e43f618dca3236d7703
SHA1

03265cc55228bc8f2144a9016977ec4d95f094cf
SHA256

d548628ac87bec0569bb303e3f968240b8c7e2aee78e252d7318c1a1ae47ca79
SHA512

698c98ce53ab360731e65b78907b00130cc4e05dac749be0ab9bd8a556f812e89802bf3509e3300bbde58b33fc8c37e19b19c7b2a6e7793c949021622acafdee
SSDEEP

1536:dJxIHzfVJ41PHtR+n5XPxFhcw0H0cYqamU1QzeYs0uMmi07R11k7:IzfVJYmn5pFaVUXqa/fYxJ8z1k7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ee95668f57e1e43f618dca3236d7703_JaffaCakes118

Files

0ee95668f57e1e43f618dca3236d7703_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f06688ccdf33b8f9bfd734f66241784

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

PeekMessageA

advapi32

CryptHashData

shlwapi

PathFileExistsA

Exports

Exports

Q_��
SAVE_SJ
W_YPM

Sections

.text
Size: 64KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE