41374d6aeeda67c579625ad0b5e861ef_JaffaCakes118 | Triage

Sharing

General

Target

41374d6aeeda67c579625ad0b5e861ef_JaffaCakes118
Size

156KB
MD5

41374d6aeeda67c579625ad0b5e861ef
SHA1

4d9300fa801cf7550b347aa2196d6459ba71a361
SHA256

2eed18b9f391c7757fdb01d9de07c085f0d391794b6a4e9e765217b0816134c1
SHA512

ceb7ac76b7427ec5d4cc281e2fc34c1395fa1a5afc2f8d630939a573b18757e19a84a41b8d63924ccb0901a57adf08d9367eb6d808c54479e46fe27437bbc5a6
SSDEEP

3072:twrtIN+BYCEypKV4m0kWi2wqBYgI3NwbykTF36Af3kN+RZFUp3:twrGN++uvANzEg9VkTF36chDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41374d6aeeda67c579625ad0b5e861ef_JaffaCakes118

Files

41374d6aeeda67c579625ad0b5e861ef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8802ec6e2369d4e04fe1cc9bc9633094

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
CreateDirectoryA
GetProcAddress
InterlockedCompareExchange

user32

ScreenToClient
GetSystemMetrics
PeekMessageA

Exports

Exports

isaCommonvga

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 383B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ