051716f4328bfa1a456ab0118510c998_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

051716f4328bfa1a456ab0118510c998_JaffaCakes118
Size

11KB
MD5

051716f4328bfa1a456ab0118510c998
SHA1

6e46a2ada213c402b269b3637fd1e086e2e23996
SHA256

e6297c26b0d005a9676d9ccfd0f725e1ebf78d7f789b7139627925668944b33e
SHA512

49d1a4300b8e6b556df72811a4cf81abe11d1858552866810001aac78f15f6fe8131f56e7ea34ded27681040cb03bca5e86e0804772e520f5ab3ddc499e7b4ca
SSDEEP

192:Ty4NjIxEpnn2l8HBLNsdVkwP5Wa05ROxuLkfYNhYRQ2VyLEvDYpFWadgtW:u4Fn2l8Tsdaw05ReuLkwjGyLcDYpFWar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051716f4328bfa1a456ab0118510c998_JaffaCakes118

Files

051716f4328bfa1a456ab0118510c998_JaffaCakes118
.dll windows:6 windows x86 arch:x86

6499a543f3237d6a92136b199d413ef2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

gdi32

GetSystemPaletteEntries

user32

GetDC

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.MPRESS1
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE