_getPlugin
Static task
static1
Behavioral task
behavioral1
Sample
d0085480cdb5e782c18cd0dd904684da_JaffaCakes118.dll
Resource
win7-20240903-en
General
-
Target
d0085480cdb5e782c18cd0dd904684da_JaffaCakes118
-
Size
353KB
-
MD5
d0085480cdb5e782c18cd0dd904684da
-
SHA1
b45cc0238cc1adbec4402effc1895b135dc91f02
-
SHA256
a61417d95b655e2eeb4117be49211edca068655652d4ac7374aff075c927565a
-
SHA512
0afc11ae0851ce0a150eaab09b265fc79d6f886b57333606332a73739c093a3a465004d4c5d49c71600e40037b3affcf259b226489eb000acb54ba3cdf5b3587
-
SSDEEP
6144:/Aj1Jmmnp3zUGW6a+Qy5KdkIqlKkmP/vVP813GT41h9la:/hNGW6vRoUlRm/VP81GOh9g
Malware Config
Signatures
-
Unsigned PE 1 IoCs
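Flags a PE file that lacks an Authenticode signature. An unsigned file is a weak indicator by itself, since many legitimate DLLs are unsigned; read it together with the static details below, where the .text section is both writable and executable, section names repeat, and the sparse import table includes LoadLibraryA, GetProcAddress and VirtualAlloc. That combination is often seen with packed binaries.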
resource d0085480cdb5e782c18cd0dd904684da_JaffaCakes118
Files
-
d0085480cdb5e782c18cd0dd904684da_JaffaCakes118.dll windows:4 windows x86 arch:x86
a4e2c26ad560937444e36051a366e3dd
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
DestroyWindow
advapi32
RegQueryValueExA
ole32
CoTaskMemFree
msvcp80
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
msvcr80
_purecall
winmm
timeGetDevCaps
Exports
Exports
Sections
.text Size: 274KB - Virtual size: 984KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 62KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE