11b06fa43acdd97cf8992f2481b7cf30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11b06fa43acdd97cf8992f2481b7cf30_JaffaCakes118
Size

3KB
MD5

11b06fa43acdd97cf8992f2481b7cf30
SHA1

6e90164b553f05f3f65a6a6410fc0a85e1ab2604
SHA256

0347ff59679a63bb85b3f3e0fd456e5799fac671936ab90fa99bdcc6670d349d
SHA512

78b6823893695739a13e5c22bd48e7fb606d3c6167014a59e84f9d279457751096a5c4e741700955cafba47e79f38882a154afd966bf177e962e0371967675c8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b06fa43acdd97cf8992f2481b7cf30_JaffaCakes118

Files

11b06fa43acdd97cf8992f2481b7cf30_JaffaCakes118
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ