2b54a90b2b7a12566b1612caeaeb1005_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b54a90b2b7a12566b1612caeaeb1005_JaffaCakes118
Size

21KB
MD5

2b54a90b2b7a12566b1612caeaeb1005
SHA1

c183d4fad49d0481bff6ef6f3f75e3250c94063a
SHA256

d28053c0e9da06de8e70df8cfa9385a832e4363541dd6e36592510bd4545b42e
SHA512

2416858d65eeade3bebc38b2e3653e45319e517b6ea8e3c7f24a82d901b185cb28096e4270ced5591cae5e7802093c6e9a22eb5f7eec5dc0c68bf96afc9bf32f
SSDEEP

384:Uhiqmda1daRsmInX4Ysutx7FiLaYrvW0JVic0iA8wR0qr:e9daRsm4X4CKaYLW0eriAt1r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b54a90b2b7a12566b1612caeaeb1005_JaffaCakes118

Files

2b54a90b2b7a12566b1612caeaeb1005_JaffaCakes118
.dll windows:4 windows x86 arch:x86

70796dc6834b5dc8ec8b767c182d3d6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
LoadLibraryA
MultiByteToWideChar
Sleep
WideCharToMultiByte
lstrcatA

ole32

CoInitialize
CoUninitialize

oleaut32

SysAllocStringByteLen
VariantInit

Exports

Exports

DllMain
clafao
gqqhdkr
ovuorn
tklvr

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 724B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ