308baab51a9cea5a3944746430b6a8dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

308baab51a9cea5a3944746430b6a8dc_JaffaCakes118
Size

51KB
MD5

308baab51a9cea5a3944746430b6a8dc
SHA1

4f56e0b00f64cc37d96227dfc5fa03892c369c10
SHA256

d11f066ae3a4407e8245b382667b6a78e4fe8f516d18f4540eda3bf08662af82
SHA512

7d419f7242ef3c8882325c8637ed04e363ed36ee72a4ebb25c041d950c67d575dce3023a682941677b07b51add52d73b3dd89920b420a86ddc4a91fc39a9e6f9
SSDEEP

1536:WHqsjnz6ga6zwyUFDpgdi35QLma3kUAe2P:WZI6zeFdgdi3ikxe2P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
308baab51a9cea5a3944746430b6a8dc_JaffaCakes118

Files

308baab51a9cea5a3944746430b6a8dc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f3f980b3c50e4b2d40094a0208b87120

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathAddBackslashW
StrFormatByteSizeW
PathBuildRootW

user32

DispatchMessageW
SendMessageA
MessageBeep
DialogBoxIndirectParamA
MessageBoxW
GetDC
TranslateMessage

shell32

SHGetDiskFreeSpaceExA

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ECODE
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE