b4b419676e3f3a7c54574dd11d4e76b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4b419676e3f3a7c54574dd11d4e76b5_JaffaCakes118
Size

224KB
MD5

b4b419676e3f3a7c54574dd11d4e76b5
SHA1

0ee3e47f1ebbcc8164533350612817e3bdf6adfb
SHA256

7f40ab0fb18fafe7757ed9bfae850c73a4994fdcd701b7cf5df8d77e1404ddcc
SHA512

713a9760517b45955854e4b0ef655bcce0d73ef309e2b79d753a2967c5828b830ca1bd16242ae5da3769b55e7996f04dc1dd5f86026d988ad9c829d51b3ac58e
SSDEEP

3072:wirJnWhlfJjDQ5ycyuan3kQwFAmsyAC+ce0WF75e0G6+iAPWpoNDllUJyelop0l7:NJmfJjUYcyua3kQwK7I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4b419676e3f3a7c54574dd11d4e76b5_JaffaCakes118

Files

b4b419676e3f3a7c54574dd11d4e76b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4cf5a46a4f296cecabe2e6017525b113

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\marya\Funbox\Funbox Project\MFunbox\ReleaseL\Lang\FBMA_HUN.pdb

Imports

mfc71lu

ord1093
ord371
ord1168
ord762
ord1079

mslur71

_onexit
__dllonexit
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
__security_error_handler
memset
_except_handler3
free

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ