0a7869bff809742479ebdcc454b3ae8b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a7869bff809742479ebdcc454b3ae8b_JaffaCakes118
Size

50KB
MD5

0a7869bff809742479ebdcc454b3ae8b
SHA1

6928f7434fe6d110c7d60d9d75f8cba0f691a636
SHA256

2b02eebf92bf7a8f52fb750241e543ff60ebc37eeecf02ecb674bb25893a64d6
SHA512

77c3baf633066fb15bb0e20ca52870a881189dcaf3c24c03150c376a533e1abf16d162c13e685859bd62cee40f81b0e6058c6801f9439d806facc1e58f90bf28
SSDEEP

768:hCVo+MfaqirsdWWG5G+O+t3ROEc9O/f9p2q1LOnb1bfu:hCVMAIdWa89fasL6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7869bff809742479ebdcc454b3ae8b_JaffaCakes118

Files

0a7869bff809742479ebdcc454b3ae8b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f3f980b3c50e4b2d40094a0208b87120

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathAddBackslashW
StrFormatByteSizeW
PathBuildRootW

user32

DispatchMessageW
SendMessageA
MessageBeep
DialogBoxIndirectParamA
MessageBoxW
GetDC
TranslateMessage

shell32

SHGetDiskFreeSpaceExA

Sections

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ECODE
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE