ed5de60d5f10621a3aa2923099e39044_JaffaCakes118 | Triage

Sharing

General

Target

ed5de60d5f10621a3aa2923099e39044_JaffaCakes118
Size

13KB
MD5

ed5de60d5f10621a3aa2923099e39044
SHA1

3dc8cfa1d3cd7e9a467b6f0f6eb7be6f3688aeec
SHA256

38a39052fa28b3df91b3eb997f08e2395b8e5100d201f8cff093bdc367fccaad
SHA512

982ef66d34410fe30d5ca170ef04fe7d073f3ed91f846c90df5919d77982c15e54e303d66cd51b67c9da9e64ea826630ccddefbbe322fb2d0ae6c07a388547b1
SSDEEP

384:NddJtJUq8m0+so+955WRX6Ju4PeIxF34/MqCdP:N5tJUqTBoom9eIxF34jy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed5de60d5f10621a3aa2923099e39044_JaffaCakes118

Files

ed5de60d5f10621a3aa2923099e39044_JaffaCakes118
.dll windows:4 windows x86 arch:x86

810d5f352a0e08c65a71c567b56d44f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_except_handler3
_initterm
free

kernel32

GetWindowsDirectoryA
GetModuleHandleA
GetModuleFileNameA
lstrcatA
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
CloseHandle

user32

DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
MoveWindow
CreateWindowExA
RegisterClassExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
UIMessage

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ