5401338e17aaedb902a3d74593a7e47e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5401338e17aaedb902a3d74593a7e47e_JaffaCakes118
Size

60KB
MD5

5401338e17aaedb902a3d74593a7e47e
SHA1

34a2a6450976af2caada799a34cf00db25ae801a
SHA256

b941d5bc559d7f3c696850bd2c2f3cabe909037622bcf9191883d51d1b9dea25
SHA512

e527befc280656c69e4107ff5281eec3365c6e22d3b68fa7ffee9f7e54f86b7268ed893c01238d8673aa83ae3ed6cb0ff94722f6e6468372e1d0df0bab5f0a24
SSDEEP

1536:7cT7pW++IP3HB0Lq82OP55r3XkNP72M7H:7cve+3h0Lp2k55jXkNP72i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5401338e17aaedb902a3d74593a7e47e_JaffaCakes118

Files

5401338e17aaedb902a3d74593a7e47e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fddabd1b87666f80ac79b2e77bddb92f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\src\googleclient\total_recall\gdsapi\release\dll\obj\dll.pdb

Imports

kernel32

GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetProcessHeap
HeapAlloc

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

GDSCompatibilityCheck

Sections

.text
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE