295b71e0bd43d641f2bb0ff007135cb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

295b71e0bd43d641f2bb0ff007135cb5_JaffaCakes118
Size

59KB
MD5

295b71e0bd43d641f2bb0ff007135cb5
SHA1

8100756773401a89e6ad162580f7501fb1a63cc7
SHA256

d541a55dd9dd9f1fe5fb5a87d6ef082d5d4710c6b92ecea33766dd7410b1eb6a
SHA512

f1e9e4736b2edcbb5e4ff2fd04767782f20497a2341dcf433fcf9e47efceef8b7b8a5380f394cd416e8f0d91d8a5faca36da6ef2a0dbed52b0a0b074f671fbd7
SSDEEP

1536:iXqWFmaJJ0rkjlcCGXM6ds6GGA2P+ly+Hmuh81Hs+:WJFmcTcCiX1xP0Hmk8S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
295b71e0bd43d641f2bb0ff007135cb5_JaffaCakes118

Files

295b71e0bd43d641f2bb0ff007135cb5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0421f871b79c3f74c54fb55e887e4204

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
_initterm
free
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_adjust_fdiv
??2@YAPAXI@Z

kernel32

VirtualProtect
CreateMutexA
GetLastError
ReleaseMutex
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA

Exports

Exports

loop
mydoor

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ