448c6a36016a88ea493b88c8ff03ab88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

448c6a36016a88ea493b88c8ff03ab88_JaffaCakes118
Size

160KB
MD5

448c6a36016a88ea493b88c8ff03ab88
SHA1

5b37b08cf1bfaddff50f4cd7d2eacae81c623155
SHA256

4ccaf47e6ab14dd19f0bdcaff12c5635d5375915f2315bb9f8f61d8c92477f79
SHA512

64d1f9d5415038432594d3f5737ec7dc6a226ee50de3708efe08541673bdab511891b14f08c475da6d97339ddf99402448e5b5f356502ae26b25b841a91b878a
SSDEEP

3072:7JNNvD33fKY+RTj+yShJlX4Dd3xZuOKOG/LoU01y9:trv4v4pwPK5/M1y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
448c6a36016a88ea493b88c8ff03ab88_JaffaCakes118

Files

448c6a36016a88ea493b88c8ff03ab88_JaffaCakes118
.dll windows:4 windows x86 arch:x86

68510967756dffc07ed5287834472f3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeResource
LockResource
FindResourceA
LoadResource
SizeofResource
VirtualProtect
VirtualFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
GetModuleHandleA
VirtualAlloc
GetLastError
CreateEventA
CreateFileA
TerminateThread
SetFileApisToANSI
ResumeThread
CloseHandle
UnlockFileEx

user32

PostQuitMessage
KillTimer
SetCursor
SetCursorPos
GetWindowRect
wsprintfA
SetTimer
GetCursorPos
GetDesktopWindow
MessageBoxA
IsIconic
MessageBoxW

msvfw32

DrawDibOpen

Exports

Exports

GetOut
MainReloader
ReadVA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE