148f79ca226319586f857c8c3b4ac210_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

148f79ca226319586f857c8c3b4ac210_JaffaCakes118
Size

80KB
MD5

148f79ca226319586f857c8c3b4ac210
SHA1

832841783ef2aa066b079e67c78b5480c65ee9b5
SHA256

19f4b5899fcafeb070a106f11c5745874b6c212273a1009efbbbe6db146b0d7e
SHA512

00054cfc7f5a5ff1607bff90482a1becae51719d1d47bd297553f255fc6d31ff12930d5de06bef0881ceaf81cf98fe2eb4892caaffacd0f6bdc43e02df7992ae
SSDEEP

1536:pVqRK80kTuAGwjEHxl3jcobvsxdCyNiI7dgNF2d9Yslt4A1B4gshbSS8M5:K/0GuMEX5bvOdCyNdd1Jl6xf8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
148f79ca226319586f857c8c3b4ac210_JaffaCakes118

Files

148f79ca226319586f857c8c3b4ac210_JaffaCakes118
.dll windows:4 windows x86 arch:x86

03c0ede4ab0c725451bbc8809c6be036

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
ExitProcess

user32

GetDC
GetDesktopWindow
TranslateMessage

gdi32

GetDeviceCaps

comdlg32

ChooseColorA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE