b738dfc52db41f16f1d1c8f0cf123ba2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b738dfc52db41f16f1d1c8f0cf123ba2_JaffaCakes118
Size

31KB
MD5

b738dfc52db41f16f1d1c8f0cf123ba2
SHA1

d0790b9ea02574d1daf9b1de73b16e5832664284
SHA256

bdda7754800dac7a3ac3aac3a52c3847b8b1341813afbb9d07e5a1fc1ebfce47
SHA512

8ce3f9a3fe88b2d8035a358689d2b32a791a80501fd2404271eb2e9d4e109d07412a43b92c5d006d407544c33657f73fa2af518c6f26c9ab0c27281d4458c4f2
SSDEEP

768:Vjk5+jCQ/AFK2DZkCvxileyvduITYF/8A37D8:VA55zK2DZTpn+AIT0Zs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b738dfc52db41f16f1d1c8f0cf123ba2_JaffaCakes118

Files

b738dfc52db41f16f1d1c8f0cf123ba2_JaffaCakes118
.dll windows:6 windows x86 arch:x86

a852eb0b9c7e95f81c2096fb09208007

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

mfc42u

ord4621

msvcrt

free

user32

GetDC

gdi32

PatBlt

oleaut32

SysAllocString

ole32

CoDisconnectObject

Exports

Exports

ConnectionScheduleDialog
ConnectionScheduleDialogEx
DialinHoursDialog
DialinHoursDialogEx
DirSyncScheduleDialog
DirSyncScheduleDialogEx
LogonScheduleDialog
LogonScheduleDialogEx
ReplicationScheduleDialog
ReplicationScheduleDialogEx

Sections

.MPRESS1
Size: 24KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE