JaffaCakes118_16b4b629f74149b8205efbaae92615f95e571de4865c5b1711622c89fb32e4ab

General

Target

JaffaCakes118_16b4b629f74149b8205efbaae92615f95e571de4865c5b1711622c89fb32e4ab
Size

1.8MB
MD5

ddab06691c87a685ef9ffc39824aa0bb
SHA1

cfc67c55a52e6047dbc79ab87ff92b064e1b211f
SHA256

16b4b629f74149b8205efbaae92615f95e571de4865c5b1711622c89fb32e4ab
SHA512

8b2d9d0941f271e002e4304b74e1b8101100dd8b3d65c6dbbed7c3e0b21c064e9073ec05fb8bfcffd2dea61befaccc9f3bb65a55625f0a6a7951f3b5e128c6ce
SSDEEP

49152:y0ngSHURg8UEGq36DkCigf4fnBr0YbKps6n4WikfX0WY:7ROBUEGC6gCpw/OYbGb4WRfXLY

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/mkl2n.dll

JaffaCakes118_16b4b629f74149b8205efbaae92615f95e571de4865c5b1711622c89fb32e4ab
.zip
documents.lnk
.lnk
mkl2n.dll
.dll windows:6 windows x64 arch:x64

76c7bbb3ef482197e9ed4286198fa18b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
CreateFileA
DeleteFileA
GetFileInformationByHandle
GetFileSize
ReadFile
CloseHandle
ConnectNamedPipe
DisconnectNamedPipe
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
ExitProcess
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameA
CreateNamedPipeA
CreateActCtxA
ActivateActCtx
DeactivateActCtx
GetCurrentActCtx

Exports

Exports

PZbsl9
QzDn4
kXlNkCKgFC

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ