6a50db4e4bd9defef7b162c1ba5b0132_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a50db4e4bd9defef7b162c1ba5b0132_JaffaCakes118
Size

14KB
MD5

6a50db4e4bd9defef7b162c1ba5b0132
SHA1

52d9ae550283fd9c764a57fe4d8cbbcd972df582
SHA256

1e5629fba4ff1d5c114c3176b3c79e6ae74e94a4667e5e7f261a4290963bdbca
SHA512

2429cb6b17780a6431c9cc78895aca3e93436a2521bafa13ef57ae9e9d9b692f9cc611622963b4af595d45096de2d161898fff91a102d0a8466166620530e4b6
SSDEEP

384:xcE4b8NO5VRDqTSx4bpsye9Y/UG7UcohZNkWquTOs:kb8cgTDpNeOsG7UPZNf5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a50db4e4bd9defef7b162c1ba5b0132_JaffaCakes118

Files

6a50db4e4bd9defef7b162c1ba5b0132_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.data
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rl
Size: 416B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ