JaffaCakes118_9fa4890001bfa61c05d4d3da5af0d2c0873b524472375ebd1e3bd66e08073421

General

Target

JaffaCakes118_9fa4890001bfa61c05d4d3da5af0d2c0873b524472375ebd1e3bd66e08073421
Size

207KB
MD5

f9e5c5d70977450f8b37ea17c58758cc
SHA1

3cd1a7e13460cb228d7259e5304b043b960224ba
SHA256

9fa4890001bfa61c05d4d3da5af0d2c0873b524472375ebd1e3bd66e08073421
SHA512

0d9a432d86bff724aeb22d9dea9392b5f3c8bd7d91fd438cd5dcefdd833f9fa01050d1b45fc9c51a98a2e662763568ef03968f12f8c5a565cb2df859f26b4f1d
SSDEEP

6144:YX5mpryX7mQHIR8zhx9aNj0DO5LH3HYFtMe:Ypg0j8uGukTYFtF

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bole4d.dll

JaffaCakes118_9fa4890001bfa61c05d4d3da5af0d2c0873b524472375ebd1e3bd66e08073421
.zip
bole4d.dll
.dll windows:6 windows x64 arch:x64

493ab125ddc13e1ccd224e8842c9b17c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

usp10

ScriptCPtoX
ScriptApplyLogicalWidth
ScriptStringFree
ScriptStringOut
ScriptShapeOpenType
ScriptSubstituteSingleGlyph
ScriptBreak

Exports

Exports

AY9ckM
Hlv0MvUzN
Lcd2DiLgO
PluginInit
SvghHtB
T8KJTTo
jvVANUnz7
lTpkPSs3LK
oAHv4Z60
qFYfyDJj
xFaLLQI
y47iU6Y6

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
documents.lnk
.lnk