Static task: static1
Behavioral task: behavioral1
Sample: 17bbf68e1ebef130975030c752e9d4f2_JaffaCakes118.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 17bbf68e1ebef130975030c752e9d4f2_JaffaCakes118.dll
Resource: win10v2004-20240611-en
General
Target: 17bbf68e1ebef130975030c752e9d4f2_JaffaCakes118
Size: 308KB
MD5: 17bbf68e1ebef130975030c752e9d4f2
SHA1: 54b2f47855a65b4159fa2cfc7a58382ffab81cda
SHA256: 411c2d5ef1482d48e181afbbca6088888f3fdc32379de22542aa3c52abcc9bb9
SHA512: 90407864f899e66a1422a3e33cf87ea876ab7116d6afea23643468437b92c714dd477dea82af082a15a27ff5ceda4215ac82866826604e00e12103e6eb64c74a
SSDEEP: 6144:ziA8ZwzTcPmND9zOwKta2b2e6y2FL1yceNEH1DNyCu3wpkZ/PBIyX9y65:WvKeODhka2bV6y2FjpHSsS/mW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 17bbf68e1ebef130975030c752e9d4f2_JaffaCakes118
Files
17bbf68e1ebef130975030c752e9d4f2_JaffaCakes118.dll windows:4 windows x86 arch:x86
d0801690c506af4acdea5b312433f4c2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
VirtualProtect
VirtualAlloc
VirtualFree
GetProcAddress
LoadLibraryA
user32
GetDesktopWindow
GetDC
gdi32
LineTo
Sections
.text Size: 235KB - Virtual size: 428KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ