dd4a4af85bf76a9f5c2cc465e08a5c16_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd4a4af85bf76a9f5c2cc465e08a5c16_JaffaCakes118
Size

16KB
MD5

dd4a4af85bf76a9f5c2cc465e08a5c16
SHA1

b82cfef4532771cd8425b2241078189f01308d75
SHA256

960094b7b92f601c7d17d19051923f8d6c474891102be2c1356d5426869f4159
SHA512

f0b1aa4982e4952ccdb72618bc2b1ca68feb359648b82e68b3eb1b33edda39fa76b2d9baffd09024455d23549c6aeb544e02c1ce3b853e6628c2a5dc023e2931
SSDEEP

384:DBt9eaGxHuUx8Ipv7JFfb2WLVzMRLr39KLC7vvxlL+:DBtUjNf1FT2sMVrb7D+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd4a4af85bf76a9f5c2cc465e08a5c16_JaffaCakes118

Files

dd4a4af85bf76a9f5c2cc465e08a5c16_JaffaCakes118
.dll windows:4 windows x86 arch:x86

69134ec4363430327b468988c141a391

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

mfc42

ord4407

msvcrt

free

user32

SetTimer

gdi32

BitBlt

Exports

Exports

?ulprnEnableDeviceControl@@YAXK@Z
?ulprnGetPreviewWindowHandle@@YAPAUHWND__@@XZ
?ulprnHasPreviewRange@@YAHXZ
?ulprnHasUseDevice@@YAHXZ
?ulprnLaunch@@YAHVCString@@0P6AHHJ@ZH@Z

Sections

.MPRESS1
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE