f56d18c5101f85c509b865e53dc87fd6_JaffaCakes118 | Triage

Sharing

General

Target

f56d18c5101f85c509b865e53dc87fd6_JaffaCakes118
Size

5KB
MD5

f56d18c5101f85c509b865e53dc87fd6
SHA1

d7aa391da4b49df316abba9fbb6ac33a0b9caa83
SHA256

b9dc921767c34b867e5109e4a5ebb1326adf81ff0a8705b3382de30cfc4fd676
SHA512

b15d24431f9d01d6a089b2af41453e62773b9d577c090dffb0d84d95cd633b13b402e1a8e7c3b66430da97df6549e989316c44a053568d6879713aa87d1c4468
SSDEEP

48:iCXTvABVemcnhgOnpT75B6Pm6e8rzYySCXcRqklhWsC4XuvcQ:/ccnhgO15u5jrzYmsokKsCRcQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f56d18c5101f85c509b865e53dc87fd6_JaffaCakes118

Files

f56d18c5101f85c509b865e53dc87fd6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b475628785de4707267f690ce17b4e18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
ExitProcess
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcmpA
lstrcpynA
lstrcpynW

user32

MessageBoxA
wsprintfA

Exports

Exports

_FunctionA
_FunctionB
_FunctionC
_FunctionD
_FunctionE
_FunctionF
_FunctionG
_FunctionH
_FunctionI
_FunctionJ
_FunctionK
_FunctionL
_FunctionM
_FunctionN
_FunctionO
_FunctionP
_FunctionQ
_FunctionR
_FunctionS

Sections

.text
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ