4133fe50075b6a119c2d3c5c554e6db5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4133fe50075b6a119c2d3c5c554e6db5_JaffaCakes118
Size

306KB
MD5

4133fe50075b6a119c2d3c5c554e6db5
SHA1

38ee959b9bfa7c6cb3a5675d8a3c5798a971f283
SHA256

71b25c964f2c5a42d361d0962210f0cf7dbbf3d011e33ddab8d5064afa169b3d
SHA512

9aec61292a1fce3e56f0b9f5fc7c6576b1ee4707a9a5d78b289956eedb63c3852a103f463109b4d51812da4e91254e0e6f781f7471b492f235e2c3571a00f677
SSDEEP

6144:VmZVXSaIpExA7tTn+FlkPy+mutT7V/xFD3eJZU61RfsQTsWWuv:VmZVtYtTn+FlkPy+x/VxFD3eBnfsQrWc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4133fe50075b6a119c2d3c5c554e6db5_JaffaCakes118

Files

4133fe50075b6a119c2d3c5c554e6db5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd0c5e2173fde31d22cb05fc3c2a33dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
GetLastError
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ