529f1d701cc6e79e4646b333ef9aa9ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

529f1d701cc6e79e4646b333ef9aa9ab_JaffaCakes118
Size

17KB
MD5

529f1d701cc6e79e4646b333ef9aa9ab
SHA1

399a94f7bea90ccc898d0d2666a5fa752f5cd1fd
SHA256

ae4f5dd98220e010e2e1436f1a970f41d979c8edcb794a7e95169a1576c19978
SHA512

8804b6a5f4b9c5dfd408b8b45cd585db3cfb6241c13298854417f047d386ba4f7250d3c493e330b4460197badbbc817ac85fe0c0654240676fe2df0e8e364424
SSDEEP

384:D/vCXn5HTk0BiuUC5qKrFGFVOKTQViR+EmzL37k72RyPV7:D/MHI0BSoRGF0K0ViR+PruP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
529f1d701cc6e79e4646b333ef9aa9ab_JaffaCakes118

Files

529f1d701cc6e79e4646b333ef9aa9ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

805d77ebf6e2842ae8cc8d2cbb1f6dc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
GetLastError
FindClose

Exports

Exports

Activate
Delete
DllCanUnloadNow
DllGetClassObject
GetModInfo
Install2
Run
Stop

Sections

.text
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE