JaffaCakes118_6d6eed486a69052ab20a7e9a075a342fd58eae928f13ac088e3364d580c66118

General

Target

JaffaCakes118_6d6eed486a69052ab20a7e9a075a342fd58eae928f13ac088e3364d580c66118
Size

245KB
MD5

7c7765b68f3d07ff6cfa3ea1093cf60b
SHA1

4a8da716ed516f6a5f2ebcdeca5125f78faab287
SHA256

6d6eed486a69052ab20a7e9a075a342fd58eae928f13ac088e3364d580c66118
SHA512

a2d8ebd07836e48dd1d99f952bda1a09899afc44ba929ea12cd8c7a901c13e1bdf839d77dfeaf237ad676a6aa40b751fb3c27d7e4a3845e7122006f0a1ed7255
SSDEEP

6144:VREjLhgZozSnml+/0OSoZ7DCKynH9zLbfe5S:VREfhgizemlmSoNf8dzLMS

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ker3p.dll

JaffaCakes118_6d6eed486a69052ab20a7e9a075a342fd58eae928f13ac088e3364d580c66118
.zip
documents.lnk
.lnk
ker3p.dll
.dll windows:6 windows x64 arch:x64

3b065cb7ac4ae6ef77778066bb90cf83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

rasapi32

RasGetErrorStringA
RasGetEntryPropertiesW
RasGetCredentialsA
RasSetCredentialsA
RasSetCredentialsW
RasSetAutodialAddressW
RasGetAutodialParamW
RasGetEapUserDataW
RasGetEapUserIdentityW
RasFreeEapUserIdentityA

Exports

Exports

Bjhasyuijkas
Bnmr84Qey
CSENVxJ
EhsTeD0s2l
FHiWuL
QhooUMbm
TTzzXOA4
aewE6jXrdR
bQtuOqUHX
cP5L8tQU4BB
emp7eHNtF
iAMeMFz5ay6
lwZvp86JGA
nIS8gG
pWSEyxl
qCz83Q7OIS9
rO3ZAbg
tsfPCmzfSl
yFcDwdHN1B

Sections

.text
Size: 422KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ