4c8c659aff0d6c289e2a60c71b8a69fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c8c659aff0d6c289e2a60c71b8a69fd_JaffaCakes118
Size

34KB
MD5

4c8c659aff0d6c289e2a60c71b8a69fd
SHA1

33891ce6aab4d338e0a191e0fb00249707ccb645
SHA256

13901a02f840ee8918b6d7c7ab5a53cd11f3b21f61a7786e671d4696890b482e
SHA512

a5fbca90a7670ca23c685dba5ee0d45d5ce39ddd2ceb6ba48ff82339d3e8f768b5981d9d601b6fdf05694ea288be14771c11e95a8e1f8ef7ece073934228a54d
SSDEEP

384:AWNub2yY+RK6H+wyEoRu7KNTiLs4y+wTLf04Xn3n5asDH7J2NEfChn8yhEAYAWkS:XM33j+w9oACTiny+wTzL5aIbkqeERX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c8c659aff0d6c289e2a60c71b8a69fd_JaffaCakes118

Files

4c8c659aff0d6c289e2a60c71b8a69fd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c8d2d9f672786803dcd611ea74090ebd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

InvertRgn
PolyPatBlt
RectVisible
CreateRectRgn

msvcrt

__p__wpgmptr
_copysign
__p__tzname
_mbsnicmp
_dup
_getws
_inp

kernel32

GetCurrentProcessId
GetThreadLocale
CreateEventW
GetCommConfig
LocalAlloc
LocalHandle

Sections

.text
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE