16c4467c33bf500c4d72a18f36918a5e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16c4467c33bf500c4d72a18f36918a5e_JaffaCakes118
Size

666KB
MD5

16c4467c33bf500c4d72a18f36918a5e
SHA1

58a7cb6195e316ea3893de717008927d2ea0f069
SHA256

a1fe95f352fbaa37a9326e557685363bac63251368947698f859592ab66659b6
SHA512

4e226a310446b5a0af7fbc990e0b9a078677c38505c63621c3d27bdabd0d037887be0ce7d86f21f09b94d42b8477d50d5d38f1b88e68fbe88e169efb25e67d35
SSDEEP

12288:ViSX4/0cuYpNzW9za89EY1WVDvVBQ/Q7CTAtMJqN6:fqVNq28JUvVBHCEeUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c4467c33bf500c4d72a18f36918a5e_JaffaCakes118

Files

16c4467c33bf500c4d72a18f36918a5e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 18KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xzzybipw
Size: 642KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uhdavang
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE