fe7e47c1b4360f328dd7c4de11f25054_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe7e47c1b4360f328dd7c4de11f25054_JaffaCakes118
Size

41KB
MD5

fe7e47c1b4360f328dd7c4de11f25054
SHA1

f98fdf3d3e701335befff3ff2b6099e777c5a70c
SHA256

e9d2dda200e8fabdde5d6bbc552a0ce858958354c7d444be44589884ba16393d
SHA512

0f8c6ba5bb5a268785b02f5ce66ea47206d5799e32264679ab8e4ca3b2fe255ea3e42fb136915f2e2aa2390800b7fb9ca872f6394f9f6a79b3a487cb01474d28
SSDEEP

768:5GD9UuurJKMEerLTI3+2iSZZcGb+QXoj3AxQte:ID9U3FdFn+RzBKQxQY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe7e47c1b4360f328dd7c4de11f25054_JaffaCakes118

Files

fe7e47c1b4360f328dd7c4de11f25054_JaffaCakes118
.dll windows:5 windows x86 arch:x86

21eb6245214a7aeb4ffd072bcdc09779

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
VirtualFree
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
CreateThread
GetModuleHandleA

user32

DefWindowProcA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
KillTimer
GetMessageA
DispatchMessageA
TranslateMessage
SetTimer

Exports

Exports

func1
func2
start

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ