63b5e1ecc8b968eca8461c02d3920c1e_JaffaCakes118 | Triage

Sharing

General

Target

63b5e1ecc8b968eca8461c02d3920c1e_JaffaCakes118
Size

14KB
MD5

63b5e1ecc8b968eca8461c02d3920c1e
SHA1

333ef54a21267b1765fb68977fbf3bbeb85f2f40
SHA256

2db23484794a95340ff6596ffaea19d0b1921558da81a2037eaef62d17ce763f
SHA512

6790f624bb3006f1c77a13180432e2eda7a483e67456eab63443e2aadad024690256f4ac3d8a4b93c958888421e6486471c27c75e13b01686cd4cce5a87a1937
SSDEEP

384:rPJnjUnZ/73QQPCSLRrlJe8U9IxF34aMGCd:NnjUn97AQPpR/eJIxF34A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b5e1ecc8b968eca8461c02d3920c1e_JaffaCakes118

Files

63b5e1ecc8b968eca8461c02d3920c1e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

810d5f352a0e08c65a71c567b56d44f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_except_handler3
_initterm
free

kernel32

GetWindowsDirectoryA
GetModuleHandleA
GetModuleFileNameA
lstrcatA
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
CloseHandle

user32

DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
MoveWindow
CreateWindowExA
RegisterClassExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
UIMessage

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ