e0104c9208bda958e94fba450c2a898b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0104c9208bda958e94fba450c2a898b_JaffaCakes118
Size

19KB
MD5

e0104c9208bda958e94fba450c2a898b
SHA1

f00de520ba7341de6f75730103824c724bb6fbf0
SHA256

0c1ca5405f43197ba4fe538b2e31dfd14568f2da7b664e2cf674ac72168dce90
SHA512

5b3252ff407320eb501a1b886217242f25fcba07075d4741a6d43aa4fa3e86620d288277061aa8ae2eae77da877f99fbe32d5de70dfffcd7f9757c8425563b58
SSDEEP

384:XNt+hBFbH2tuCg+Z/HDKJQ8yRY7MbsHVryvn5LRSz8q49A:9sBFbHzo9HDEQ/YA41ryzZd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0104c9208bda958e94fba450c2a898b_JaffaCakes118

Files

e0104c9208bda958e94fba450c2a898b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d18e979d1453586dee2039ffd3024621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxA

d3d9

Direct3DCreate9

d3dx9_42

D3DXCreateFontA

msvcr90d

_free_dbg

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE