3803217c671c7057ffcf4f5ffc131994_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3803217c671c7057ffcf4f5ffc131994_JaffaCakes118
Size

157KB
MD5

3803217c671c7057ffcf4f5ffc131994
SHA1

92a108ab309e999f0ee3140500ca82ba06726190
SHA256

610c187b259c8911226fda3df65dc413e140b4ad7573f2323b41ce68b5fa1bd8
SHA512

f20325b09365e3104e335a276dc3b228d380f6c6a6c765fea1b8cbb7f6e0ddfc9045c04033575a0e9c8e1f3997c98adc93b57b3d7ad0148e4b0a91e8d6146e50
SSDEEP

3072:dqm6vUdzqLljSwSX26jWFVmJzm7/zloqYcz1++XDEaS2lGbKI/zTx8:ImgUdzq5+ljW+wzdYcz1tz9S60v2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3803217c671c7057ffcf4f5ffc131994_JaffaCakes118

Files

3803217c671c7057ffcf4f5ffc131994_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g1q5s686
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

e1vwi8er
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

69hampnp
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dqidgycn
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

de5mnhw9
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l.ku7ev8
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ