b051d997d73ff78681499d06ddecaf2c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b051d997d73ff78681499d06ddecaf2c_JaffaCakes118
Size

1.7MB
MD5

b051d997d73ff78681499d06ddecaf2c
SHA1

a37424a02fa4c905ac0e9909727b9958d80f5caf
SHA256

8eb5c7f7939198bd1a50e7b36ca1134e959cc61d6f8e9d276eafc13d3567c502
SHA512

b33c849fd56e11bd0f5da0561e4d98420185b98ce862c6ad43780803102e51c5d33ee88e3e537a36a5194e6d990daf9e1d8ab26b7b8e3c6068dded2e0a24b882
SSDEEP

49152:hz74bu1q3ecfRDa3HpJRhfsu9Jecm8QHnm6+O:hgK1uzo3HpLiyJecm8QGm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b051d997d73ff78681499d06ddecaf2c_JaffaCakes118

Files

b051d997d73ff78681499d06ddecaf2c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a259cf4d6115103cb59133b6b819ca30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
CompareStringW
GetProcAddress
GetEnvironmentVariableA
UpdateResourceA
GetStringTypeW
LoadLibraryA

user32

TrackPopupMenuEx
GetMenuState
CheckMenuRadioItem
GetAsyncKeyState

gdi32

EnumObjects
ExtFloodFill
SetGraphicsMode

advapi32

GetServiceDisplayNameA

Exports

Exports

gfpaxianntzlj
npmoxbilslic
phweezmxlcyachv

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ