bb75737080958a3a13a2f63c900cec18_JaffaCakes118 | Triage

Sharing

General

Target

bb75737080958a3a13a2f63c900cec18_JaffaCakes118
Size

1.6MB
MD5

bb75737080958a3a13a2f63c900cec18
SHA1

117f5e0be92d9a6e3f86980427f1eea0cce76503
SHA256

16cd383d75a3d2300846f2b2a563babc5bc3fccec6106f05b9d425aa541d77fd
SHA512

6dcb4a05b4cf125f927f9f06525aac2f2b446469013ec9ab1cc7c47ba0dd7b75ec3dbd067a3066a48e10a66d51e53d959b5e3335469a93c5e65d9bd7a2cc92ad
SSDEEP

49152:zVj9OoZI01+t/NJQ+sG/1pQLYhCP64DJivd:zVkeFSQG/880CGJMd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb75737080958a3a13a2f63c900cec18_JaffaCakes118

Files

bb75737080958a3a13a2f63c900cec18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e35e6704e952709d82002d2e3fc666fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

recvfrom

user32

TranslateAcceleratorA

gdi32

GetClipBox

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CoUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

GetSaveFileNameA

Exports

Exports

myDLL

Sections

CODE
Size: 1.6MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE