JaffaCakes118_9bb74e2a1b3925184140f5a771b1e4638dfb5c61941bbc0b52809b3ca76b4887

General

Target

JaffaCakes118_9bb74e2a1b3925184140f5a771b1e4638dfb5c61941bbc0b52809b3ca76b4887
Size

306KB
MD5

d379426800655513192e568a2fc622cc
SHA1

0fb3e0593c4cdaa16e268c14b8af10c48adf88e7
SHA256

9bb74e2a1b3925184140f5a771b1e4638dfb5c61941bbc0b52809b3ca76b4887
SHA512

889617091b8362284422e6bc75c219c18ac7b024755919b145cd78989194af8d5992f1825d982426679eb9a9c4c3a913819945d1a2407568a62b0980d8f1ccb5
SSDEEP

6144:jhoF7ek1f8XsbqWHgv/M3ya5+P7kBBtDlfYzrhZMLQB:jSdek1f8XSZAv/3a52iCrIUB

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c6f319a3eda16bef437421920e2945ab4b3101cb27ad2f291c3dacdf84bb2240.dll

JaffaCakes118_9bb74e2a1b3925184140f5a771b1e4638dfb5c61941bbc0b52809b3ca76b4887
.zip

Password: infected
c6f319a3eda16bef437421920e2945ab4b3101cb27ad2f291c3dacdf84bb2240.dll
.dll windows:6 windows x86 arch:x86

a6618e9400ff529b6609348741f1312c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress

user32

SendMessageA
SetTimer
KillTimer
MessageBoxA

Exports

Exports

StartW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ