b41b328cdd9f21edb774bcf749f754b3_JaffaCakes118 | Triage

Sharing

General

Target

b41b328cdd9f21edb774bcf749f754b3_JaffaCakes118
Size

289KB
MD5

b41b328cdd9f21edb774bcf749f754b3
SHA1

52d02591b9ff1bd82bbcef077dd343e8a3da17b7
SHA256

dfda8d6a66c667adf4a3530c768c45824dce5b7ce2c02b913e047b038e510f38
SHA512

7ef067c2ad2567d03b3595a5dc272b3291b468552a266fa80e03cf4cc9b189c46be87d6167e3a5b4b42a1a30dc78643dfb2eeec7f765a05ef9432a48c70d22cb
SSDEEP

6144:9h/INmd14rfX3f/out5QOQsOdo4zTVoYySq/g3RzclKJzPAsGAgu:97+fnoUAlu4zSY7TJzY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b41b328cdd9f21edb774bcf749f754b3_JaffaCakes118

Files

b41b328cdd9f21edb774bcf749f754b3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

.binfen0
Size: - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.binfen1
Size: 283KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.binfen2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.binfen
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE