4427714a362cc2bd7bb9671c6ed9f947_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4427714a362cc2bd7bb9671c6ed9f947_JaffaCakes118
Size

8KB
MD5

4427714a362cc2bd7bb9671c6ed9f947
SHA1

85bf8b010a3a7ddb2ca3c3a3b6e74ac4ba8b7943
SHA256

547ec8fd20830637fb58b0a9d7ff3fb2cfebc6f1a2d32603d3ec31207adea38d
SHA512

8e09606342644f1bedb6618cd9f3fe624fe75a9a26a9bffa9bebbef33fa583395835f70735fbfa41ac3ffe731c5cf5e62da8037b193f224641b2ec289b7b0e56
SSDEEP

192:ssFpOMxHdoroLezf6c7CxHLKHX+izbTWhsYp:RLHIoLkflHuo1Yp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4427714a362cc2bd7bb9671c6ed9f947_JaffaCakes118

Files

4427714a362cc2bd7bb9671c6ed9f947_JaffaCakes118
.dll windows:6 windows x86 arch:x86

c51ace7ca7682f7bec73b40b02020426

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

gdi32

GetFontData

user32

GetDC

python27

PyList_New

vcruntime140

memset

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-runtime-l1-1-0

_cexit

Exports

Exports

initwinfonts

Sections

.MPRESS1
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE