489e7413bb298636e901324f2c09cc80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

489e7413bb298636e901324f2c09cc80_JaffaCakes118
Size

38KB
MD5

489e7413bb298636e901324f2c09cc80
SHA1

c3123660476b297ae6d73da8d37e85199085570d
SHA256

e5462fdd00ec434b1a1d27f5a6904fb4289123292f287a1f5f858c37cf0f1d97
SHA512

622f4e8f4902124e4a8af6f90e41ffa5c81aeca9b4315d332b2f832f0fb8b5368791f3d0c0320aca58e49bafad4bcc14c5651c6ca94b3bb1f26cc6ad8e02af96
SSDEEP

768:+Ox+9PJOVDO8IUyE1aOXFflCi379K8vzdQNSIEloqC9I:NVcE0yBswK2pQNCloB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
489e7413bb298636e901324f2c09cc80_JaffaCakes118

Files

489e7413bb298636e901324f2c09cc80_JaffaCakes118
.dll windows:4 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

.code
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE