b095dedef6e2c1cc0a8401499bf78e0b_JaffaCakes118 | Triage

Sharing

General

Target

b095dedef6e2c1cc0a8401499bf78e0b_JaffaCakes118
Size

19KB
MD5

b095dedef6e2c1cc0a8401499bf78e0b
SHA1

e0a38ea1c50f67e8dec829ade0972a2d112a4f68
SHA256

444b1a5ecfdfdce15412c91639997169bbc3b2fff619af31f73efdb7052f71de
SHA512

eeee29b69b72b330c445aff03c942f1a7529e95d985e346a77d8429a3981e6777dc1f8ff16108b44d6042722a78d1e9e3b3c1b893900f1ce57836137bdbeeb43
SSDEEP

384:CEVEf5rf/XSm7MxmvFoE+E6bRq8AY20YIhbNAgIdI4y6uD8Rbi+7vvxlL:CE45rf/XSmimRlYRfAKrSIZ6uD6bx7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b095dedef6e2c1cc0a8401499bf78e0b_JaffaCakes118

Files

b095dedef6e2c1cc0a8401499bf78e0b_JaffaCakes118
.dll windows:1 windows x86 arch:x86

2a64a6570b76df91ea269aca152830aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

gdi32

DeleteDC

ole32

CoInitialize

oleaut32

VariantCopy

user32

CharNextA

gdiplus

GdiplusStartup

opengl32

glEnd

glu32

gluSphere

Exports

Exports

BBProc

Sections

.MPRESS1
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE