52f82af8599f9c77d53b76607b7a242d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52f82af8599f9c77d53b76607b7a242d_JaffaCakes118
Size

22KB
MD5

52f82af8599f9c77d53b76607b7a242d
SHA1

623c96a3e7e2ef5242faf725bd9907ec247c78b5
SHA256

97f991d6f1f1dd76d9799ef60ac78464296211d862a1f8c4b004ab586248c29f
SHA512

d98d66263e8b2ce201728079747d0ce8c68e98238e4c9824af9f4fc129dee29502e169145299c5db65ee8e2242ffb2ab95e443f8853d6c167f569a894de8c57c
SSDEEP

384:dB4rDJvXHCK9E7U6Dxo0phLjAEqJpB8MKUvmxCuxU9YqCTQiCjNfsa:IDBHCL7U6DxouwpJKym8ua9iTm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52f82af8599f9c77d53b76607b7a242d_JaffaCakes118

Files

52f82af8599f9c77d53b76607b7a242d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

372166dbcd6b6fbfa89eaa11ecda6dc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

Exports

Exports

Export1
Export2

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ