db91a0cffff1497fd757193b31a2734b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db91a0cffff1497fd757193b31a2734b_JaffaCakes118
Size

24KB
MD5

db91a0cffff1497fd757193b31a2734b
SHA1

d348a31bc831e9168f858a0b1063e0cf0a3f6b3b
SHA256

1cd0e4108b37e37380fa08f4bb82a56295adf8af88bf0fab9fec055cfb973416
SHA512

31c6380c257d9f067f8c418bfef8f4da923819183d928f216accc336c6799fdb6de0fe48cfbe639c6ac4bbfa4973767522a4b099253ecbe9109db9c302ceb602
SSDEEP

48:6OPw/gXQZSNlZXJOFBoq1tC6b0LvLVHBS54ZDR0KFiNqn0lohEJPh80+JjT6cyRK:W/gXQZS5q1s6uHI5yN0KytyW58Lmc8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db91a0cffff1497fd757193b31a2734b_JaffaCakes118

Files

db91a0cffff1497fd757193b31a2734b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

985ab85f7c3dcaa0f6e641caafe1b5bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
ExitProcess
FreeLibraryAndExitThread
CreateThread
LoadLibraryA
Sleep
VirtualProtect
GetModuleHandleA
TerminateThread

user32

RegisterClassExA
UpdateWindow
CreateWindowExA
EndPaint
BeginPaint
DefWindowProcA
FindWindowA
GetActiveWindow
MessageBeep
SendMessageA
GetWindowLongA
TranslateMessage
TranslateAcceleratorA
DispatchMessageA
GetMessageA
CallWindowProcA
SetWindowLongA
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ