8821aa4603d33876279276f1704964c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8821aa4603d33876279276f1704964c1_JaffaCakes118
Size

87KB
MD5

8821aa4603d33876279276f1704964c1
SHA1

4015888d6a0e4ab51fc712999df2f61b25660359
SHA256

63255291fce9a3e0931d469a0f6027763e2d362164060f2c2073ee3dbb43fe40
SHA512

cad9b74197795378f074cd0c747c001788ba76127cd44819529101c7deab2c5b9a1f086274f21403d0764513d5450e05f173bb0ffa533abf76196ec6e39799a0
SSDEEP

1536:Xy/j0D8B0qwsrtsmQxN+LG7gVM/YccvZgSXpNS1EgVYevS4yZU5e:wj0DjFshDAgVxcwgShgnazr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8821aa4603d33876279276f1704964c1_JaffaCakes118

Files

8821aa4603d33876279276f1704964c1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1211fc073fbb4e4710ead3ca69ef5f9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrFormatKBSizeW
PathAddExtensionW
PathAddBackslashW
PathBuildRootW

user32

MessageBoxW
DispatchMessageW
TranslateMessage
GetDC
SendMessageA
MessageBeep
DialogBoxIndirectParamA

Sections

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RCODE
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Y
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE