bca2e5f0205df00f0fa100cf0b63dddd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bca2e5f0205df00f0fa100cf0b63dddd_JaffaCakes118
Size

160KB
MD5

bca2e5f0205df00f0fa100cf0b63dddd
SHA1

ec4a1dfba7b48067c69e7062795b7be1af1d7f9f
SHA256

4a7681624806b14abb7ecb2255df5dbcc2f96b5db9bf3cafcb66684a57ddcd4d
SHA512

4072fff3360d73d491f4f5368abb2bc0b09a0f0c41050cdefad566e1076a4827695d880a6064c886acf4f8fcf2db259a2c4504521739e738b120ffc3e73a38fc
SSDEEP

3072:sa91eiyw1QAuoO1Ijji6kO33jt7AeQCdLQTRe00:v91mw1qKjFZOCdL0e00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bca2e5f0205df00f0fa100cf0b63dddd_JaffaCakes118

Files

bca2e5f0205df00f0fa100cf0b63dddd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4c81dbd9310ac3274d9c2ea4045a63b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeResource
ResumeThread
LockResource
FindResourceA
LoadResource
SizeofResource
VirtualProtect
VirtualFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
GetModuleHandleA
VirtualAlloc
GetLastError
VirtualFreeEx
CreateEventA
CreateFileA
TerminateThread
SetFileApisToANSI
CloseHandle
UnlockFileEx

user32

SetCursor
SetCursorPos
GetWindowRect
IsIconic
KillTimer
GetCursorPos
GetDesktopWindow
MessageBoxA
SetTimer
PostQuitMessage

msvfw32

DrawDibOpen

Exports

Exports

GetOut
MainReloader
ReadVA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ