ffd59db87d25e98dc889d1c59f58e5b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffd59db87d25e98dc889d1c59f58e5b5_JaffaCakes118
Size

108KB
MD5

ffd59db87d25e98dc889d1c59f58e5b5
SHA1

d8ff4b13901bf3bdbd7ab6e18ed06e43f8791e86
SHA256

8ee1e07009940b0b62a1ea9a2b650bfefbd0b1cda0ac86d81807b033c0be7118
SHA512

80b3487b9b2ba87169bf5a18955857388253cdc9e148d03f6f00a6fee4b9f57ccc8680ab676c2877cbf975fc84c316af50a52c440ffc30553c136cffdae01e98
SSDEEP

3072:/P6vEGhA1U/epP/6Jwdv7lag3Sblko9XxlvBGq:Hm/epPUwBlaKjKXjZP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd59db87d25e98dc889d1c59f58e5b5_JaffaCakes118

Files

ffd59db87d25e98dc889d1c59f58e5b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

33e89128bb46ab8e555a1ee1ba60fcec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
LocalAlloc
GetCommandLineA
DisableThreadLibraryCalls

user32

MessageBoxA
DispatchMessageA
GetMessageA
CreateWindowExA

Exports

Exports

WlxStartUp
exports

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ