0de8706ded7bff5957904f536c42ffcf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0de8706ded7bff5957904f536c42ffcf_JaffaCakes118
Size

94KB
MD5

0de8706ded7bff5957904f536c42ffcf
SHA1

1b1fff2b8929daef556deaecb16795a5c0a42c41
SHA256

5da5c4056621274cf69398bb8bacec2d5ec5052596e566c826240fc19101216c
SHA512

7a082fa69e86fbc28aa77994cb85a5ee12d3f7f9b2ed4935b5ce8523dfeeb6508e20fb3f8df9b471828bd05c301b40ac07af6c28d1f5b9e0b540e8064057cb9b
SSDEEP

1536:pKHesuDzPo2IdB5TSlRxHrsmhJMjKUHjUojZcyW9WJonhRJQKPbjdBFBmMZt:AesazPo2ikhs+ijK2XjZXaW2QKP/NBb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0de8706ded7bff5957904f536c42ffcf_JaffaCakes118

Files

0de8706ded7bff5957904f536c42ffcf_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fa9c0d921c2b032bec3823543ac622fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
VirtualProtect
GetModuleHandleA
ExitProcess
GetLastError
GetStartupInfoA
GetModuleFileNameA

user32

PostMessageA
SendMessageA

Exports

Exports

Lbdgpmh
Tddunniwp

Sections

.text
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enill
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ