744bf43798d428c9fa4fd0c6b8434489_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

744bf43798d428c9fa4fd0c6b8434489_JaffaCakes118
Size

65KB
MD5

744bf43798d428c9fa4fd0c6b8434489
SHA1

f7a133408805b9cf37dd27cd68b11de93b60ce66
SHA256

a92e1d06c8fcfd470fc07008a1183ec79bd94de1e12c6d765cfb28a61299c8e6
SHA512

d4539fe5a95a4fa2ca97c9c84239e445362223684eb34fa227ffde44e3b2acbcc9862a6f5b086bf50577fbd8c404b2688a10b7d52b7783575af10261d63a009e
SSDEEP

1536:XeGhUZS1tqGH3tWn8bx0DxDQZQcKZ/EwjMgEK:uYUKAnCGDxDQNKKwI/K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
744bf43798d428c9fa4fd0c6b8434489_JaffaCakes118

Files

744bf43798d428c9fa4fd0c6b8434489_JaffaCakes118
.dll windows:4 windows x86 arch:x86

184d5e017a9373dd0dd64c61e3fc48a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

memset

gdi32

CreateDCA

user32

wsprintfA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE