c14eadc9b9c83a5150a5f5d616f9fdf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c14eadc9b9c83a5150a5f5d616f9fdf0_JaffaCakes118
Size

679KB
MD5

c14eadc9b9c83a5150a5f5d616f9fdf0
SHA1

121a45bf76d287ac7caa2187285ae9ef02586fa3
SHA256

02dd90280086b19134fa081d9e0444a1b3b3042aed284174c37febb16a548f61
SHA512

8ba6126f3905d0c6ec4be24ad1be6e6032332899dc2646c313f429c738cbe48ad319aaa9799c6a97c9d8be983d4a9e14ba04cbaef97e2908525593d3c683af28
SSDEEP

6144:83hatFPcUbXJNhRSBXoZGRNXw+xUwBbveulNef5j8:BZN7UXTjwqhj/2o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c14eadc9b9c83a5150a5f5d616f9fdf0_JaffaCakes118

Files

c14eadc9b9c83a5150a5f5d616f9fdf0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Exports

Exports

CreateObject

Sections

.data
Size: 225KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rl
Size: 288B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ