dc5b8cd091a18330874c482c21bff82b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc5b8cd091a18330874c482c21bff82b_JaffaCakes118
Size

42KB
MD5

dc5b8cd091a18330874c482c21bff82b
SHA1

fe5cf336eada05991756b6388d277404b08a5473
SHA256

f01891a0771e194d48c280dc85a7d764a9fddeb15e7e3fa3a6648e5ca482eeb4
SHA512

a7ce5e3c494756917de39c54788c82f98c92d73ad7059a0cc78c17f68bbf2f9db4ef1ad0d333cfed01079a1ec7d50c783fa2352edb74b765af8180d9899d5b75
SSDEEP

768:5rueZc6uK+rq5ebaMworHc/K1N6SZHfHSv2RgLp6F+JhtUlM7:Vue1e+URjw/qNNZHfk2OkFN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc5b8cd091a18330874c482c21bff82b_JaffaCakes118

Files

dc5b8cd091a18330874c482c21bff82b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21eb6245214a7aeb4ffd072bcdc09779

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
CreateThread
GetModuleHandleA

user32

DefWindowProcA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
KillTimer
GetMessageA
DispatchMessageA
TranslateMessage
SetTimer

Exports

Exports

func1
func2
start

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ