dcb41a67accb1ac3d4bb537eb66c110f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcb41a67accb1ac3d4bb537eb66c110f_JaffaCakes118
Size

42KB
MD5

dcb41a67accb1ac3d4bb537eb66c110f
SHA1

85552f9451f4d72665d256053f7d9ba5cf2c3f2a
SHA256

d5b2a075bb633ad9e2a718e07d61302b7600e0e0e9ad0e4c1ca3504c5b8f6125
SHA512

0ca817972e43c39debd8a7c4f221242264f30e2cbc78304f0350fa97d4a37c62bf29bcdd51544243e190de75ad59ff96387301606765727a797a12a696e3260a
SSDEEP

768:5S4tpuBr32jMzrUhoh9u73pc69IJSBdwb/StBkdorwhd:s4vkLzfioLI5cUA4wbqbCo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcb41a67accb1ac3d4bb537eb66c110f_JaffaCakes118

Files

dcb41a67accb1ac3d4bb537eb66c110f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

21eb6245214a7aeb4ffd072bcdc09779

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
VirtualFree
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
CreateThread
GetModuleHandleA

user32

DefWindowProcA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
KillTimer
GetMessageA
DispatchMessageA
TranslateMessage
SetTimer

Exports

Exports

func1
func2
start

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ