be39d082b1afee682dc87912bb7fc010_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be39d082b1afee682dc87912bb7fc010_JaffaCakes118
Size

25KB
MD5

be39d082b1afee682dc87912bb7fc010
SHA1

cd8be53884c6267f39f76c98efb37622322b0d36
SHA256

83c0b3ad72c39aff163520db1e1694895f953d3ba2ea7c59607e802f0ab634c1
SHA512

9fbdab6725a2d4216e109430155dd47b6fefe3b00da904a9ccc8215c73b74140db31b5231adc40da48776426031ff6ac9a40e72b8e2655130b6e0bbc87b1ca01
SSDEEP

384:MBfhuGY4xyMj5M9hg2XUM9PpNedqsBbRf4NDV07SKYJ9AmQoSbgMm90B3mUh:8O/Dg/YpNedqceR3zJtQCtV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be39d082b1afee682dc87912bb7fc010_JaffaCakes118

Files

be39d082b1afee682dc87912bb7fc010_JaffaCakes118
.dll windows:5 windows x86 arch:x86

713f0f3be124c29122546b1cc3d7c6f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxA

msvcr90d

_CRT_RTC_INITW

d3dx9_43

D3DXCreateLine

d3d9

Direct3DCreate9

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 18KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE