1749dead0c5999bd26169b021062ba25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1749dead0c5999bd26169b021062ba25_JaffaCakes118
Size

3KB
MD5

1749dead0c5999bd26169b021062ba25
SHA1

0ad60e176a47d04b327ff2c1b89655e450c777c8
SHA256

74ad4fc5f4753937e33c98c143e90daf1ad1bcdd84c27facbbec20937fe1a7e1
SHA512

69bbf707f112f8c0e75f79fd52ff3ed711f21e28b4459f96e9d1856dfe76d8d0935dc785b621add7b12a4ee9f645ecf2a42d870667d7914135252cfc84779f87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1749dead0c5999bd26169b021062ba25_JaffaCakes118

Files

1749dead0c5999bd26169b021062ba25_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b6f391375d741ab65301de3824d105be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateMutexA
CreateProcessA
GetLastError
GetModuleFileNameA
ReleaseMutex
lstrcpyA
lstrlenA

Sections

.text
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 301B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ