14b56ee9c09b2a544f2dccddf17ae4bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14b56ee9c09b2a544f2dccddf17ae4bb_JaffaCakes118
Size

35KB
MD5

14b56ee9c09b2a544f2dccddf17ae4bb
SHA1

5346674536c6cc43f42558eb5709b5279f4da15f
SHA256

74dbb839d1915ef7fd7958785b63bb5bd2d7d81500a5fbaa92d46718e18a8150
SHA512

0cf1a0c94ab17d2c2b2d7fcb934a83aafd342ef12329367e84cc2a04c341c55147925da4182ce6f2d23f14b4ad8eb9679bd7315a8d0dcd11d363610eddb17d41
SSDEEP

768:+xsZPZrzAq6t/YlANcFh7qCBLuoV5SZiGXjtEJyfXw29xxF:+xsNZrEt/YlANSh7lV5SrjwyfXr9f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b56ee9c09b2a544f2dccddf17ae4bb_JaffaCakes118

Files

14b56ee9c09b2a544f2dccddf17ae4bb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3ad74b802896b0065ad7786a10adee89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxW

gdi32

SetTextColor

Sections

.text
Size: 29KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE