0405bec46adda6d8b8661e1140c37275_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0405bec46adda6d8b8661e1140c37275_JaffaCakes118
Size

179KB
MD5

0405bec46adda6d8b8661e1140c37275
SHA1

032e4d7d4a20bebec06dfde9c7620100e45870d5
SHA256

ba5da61db634de5ca131ea98b5f6d15b6a8973611e3e2774dc366bb30fc0ca61
SHA512

5deaceaa648f66a67aa667657c9baf6fffd54f6c026c15fdc9361ae2c4d8ff81a5f3c389202a43f8721dba6fb17be2fd38a66609386e874f955c954faa215d7a
SSDEEP

3072:4FGmQzBft7FXve4YM7WGIdIE1VWyEyVZMMCJtlCFteNemBzbvIKufLSSXu7a6V2J:mGzZthW2EJfKdJbstwzbvI1mmCbLCCx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0405bec46adda6d8b8661e1140c37275_JaffaCakes118

Files

0405bec46adda6d8b8661e1140c37275_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Exports

Exports

Activate
DllActivate
Install
OnUserLogon
UnInstallMsg
Uninstall

Sections

.text
Size: 117KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE