JaffaCakes118_1dfd99a229d515f8223d61326dae02b6e8344136698e99ce834fcd07296eb841

General

Target

JaffaCakes118_1dfd99a229d515f8223d61326dae02b6e8344136698e99ce834fcd07296eb841
Size

346KB
MD5

38d9e7067038bc4e78f47231e905c9b1
SHA1

5c81bb71384b847c92ee922bc7e9e5039963366b
SHA256

1dfd99a229d515f8223d61326dae02b6e8344136698e99ce834fcd07296eb841
SHA512

afc7414583d25cb63553dc6298790d517d9ddc969fbb5b33586cabbecbb0a57548b3dcc3a7d5c80372f245f40920839c3cdc7598dae86a8b80a3078ac8945d3e
SSDEEP

6144:fWYQ9HnHu8wB2viJ/6YsRaOgMqqs+dgkSt+32VGuqe/pN1TpH79M0lsGLi1hoSQc:fWYQ9HY96DaOgXV+xytrDtdGZMi1z

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/candyx32.dat

JaffaCakes118_1dfd99a229d515f8223d61326dae02b6e8344136698e99ce834fcd07296eb841
.zip
candyx32.dat
.dll windows:6 windows x64 arch:x64

7026331607c17c0fdb566750f2a7fb3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
GetProcAddress
LoadLibraryA
VirtualAlloc

Exports

Exports

AhvjbzbuknjnefQjtldnvqotsi
DllMain
MkfusYxawlxozkb

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
core.bat
license.dat