ef7b554c4203bf3b00d6296fb520a12e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef7b554c4203bf3b00d6296fb520a12e_JaffaCakes118
Size

45KB
MD5

ef7b554c4203bf3b00d6296fb520a12e
SHA1

e4d7872895e3273762ab25695f4256383875b3bd
SHA256

11133f1cc45c3acdc106d835e0b253ebe9c3d1c0fdd2a0af666ca8379b3206e9
SHA512

c2f622c5fe74f205ea9c34e24b623dfe7edb9fce4ddf0d92734f1c639497197a1b2f9ce0e50a8a6329a81fbed931fa3837f452b9bf08c898ee17f3ca60f7693e
SSDEEP

768:sd0pK+5+FRWKeLddmVWfX8RC/Ni1BcbJU4BuM:sd0sTWbeVUMRC1jJJBuM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef7b554c4203bf3b00d6296fb520a12e_JaffaCakes118

Files

ef7b554c4203bf3b00d6296fb520a12e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

54adb03920822bb32743c400bbf75a3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
lstrcmpiA
GetProcAddress
VirtualProtect
LoadLibraryA
IsBadReadPtr
VirtualAlloc
CreateThread
GetModuleHandleA

user32

SendMessageA
KillTimer
DefWindowProcA
SetTimer
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA

Exports

Exports

dfdf
dfgdfgdfg
start

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 595B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ