d449ab7ccc6835d5c3df14a19212f9c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d449ab7ccc6835d5c3df14a19212f9c5_JaffaCakes118
Size

59KB
MD5

d449ab7ccc6835d5c3df14a19212f9c5
SHA1

39042cf1eafb09d320989a3a6e48662646869d13
SHA256

422b64ffa1142550e74bb34e6d656b3954800fe53e4d2bce9515c0f274b52f0a
SHA512

db78831dd2be2768e2d975c5cf9a973c54efff8c566553b2080e894257345d1f9467fc9e4768091e428a223f0c149a28ebbdfa0a6cefac03331bc466017bd015
SSDEEP

1536:0owU1xJ4Cbdi1fQpr5n8lV/17CoI+xFnHUYxfUnB6:0z0eIB5nK3vZxFHUYxfU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d449ab7ccc6835d5c3df14a19212f9c5_JaffaCakes118

Files

d449ab7ccc6835d5c3df14a19212f9c5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3a9c5393aec647d2799a080dd4b62b50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

GetPixel

wsock32

WSACleanup

wininet

InternetReadFile

Exports

Exports

bbb
nnnnn

Sections

CODE
Size: 54KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE