d45783d0d416e862933acbae9dd6818d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d45783d0d416e862933acbae9dd6818d_JaffaCakes118
Size

8KB
MD5

d45783d0d416e862933acbae9dd6818d
SHA1

61bb3ff46837be3314fe4dfb3154a87aa213eb31
SHA256

c4ea8aad16df70b087efba8f4fa101ab92adf7516506a2f61ecd212e8745f71e
SHA512

baafe774e95b008e0a3116d844cac78f2da91d6cdbbc89b3f8a8fec4cc708d046915f160364c33ea8607f5d6e9d3d6899fb83a50a6ccb666804290bfaf358d3f
SSDEEP

192:Iw8YF/QSfdgRH4OEbLZ65Nml6MGJcdt4GgZDkPrCYp:t/tfSRYvZINBMscgoWYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d45783d0d416e862933acbae9dd6818d_JaffaCakes118

Files

d45783d0d416e862933acbae9dd6818d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6a158b71017eb2ab5b66827f7f1384e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

gdi32

LPtoDP

msvcrt

_iob

user32

GetMenu

Exports

Exports

GetWord

Sections

.MPRESS1
Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE