43c2650526972685c0339c6d157e7af1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43c2650526972685c0339c6d157e7af1_JaffaCakes118
Size

6KB
MD5

43c2650526972685c0339c6d157e7af1
SHA1

cc4e1bbd7bdc27a38d66f89b7fdce660f5e97c6f
SHA256

1d8fb1aa9b23b5c677709a9308ddaa53bde581ab6d45d161100bdfbffc812769
SHA512

985379bbd1c782b29e13e4f2f6b358ce3b0c887a3ab93573aaadb9cc6dbf0d4c03796b61bb0e6378f5d3a2f79450f63b871e4ad556c6b13a5955fad09109925f
SSDEEP

48:anWroFG6rbXuOaZl8N7HfQWwx3HhHaKIZWiwn9U5WwG2Wi0SoozbC:+VrbXuOaZl8N7mx3H/EW39IWwG31SXb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c2650526972685c0339c6d157e7af1_JaffaCakes118

Files

43c2650526972685c0339c6d157e7af1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

cadcb7e945392853f233c18a3132d24b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
DisableThreadLibraryCalls
GetVersionExA
FreeLibrary

gdi32

GdiGradientFill
GetObjectType
GetCurrentObject
GetObjectA
GetDeviceCaps
GdiAlphaBlend
GdiTransparentBlt

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.texc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE