e817a065173d5ef309c718a92378e41a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e817a065173d5ef309c718a92378e41a_JaffaCakes118
Size

103KB
MD5

e817a065173d5ef309c718a92378e41a
SHA1

f006ebdcfb1f0b1e2e790cd10489130e26af9873
SHA256

6b916b712a0912714750a43561f2aa271ef2ac48fc2d2c67c1e94e1ac5167b53
SHA512

fee8a64cd6e4fa63c5559b0173fec221afca699322602d67c913ca0fa9b8bc9478587826cc40551507d33009df8728e7e73d7335fd654bd10f62db1f4aa18004
SSDEEP

3072:wyWaW5C4QkLdoqBI07sBLeXCZIKBOYD61zuhS:RYC6LFBaBpGKIjE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e817a065173d5ef309c718a92378e41a_JaffaCakes118

Files

e817a065173d5ef309c718a92378e41a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ac9fd95877fc6f5ccc6723aace6a3c71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetFocus
OemToCharA
MessageBoxIndirectA
LoadMenuA
LoadAcceleratorsW
IsCharLowerA
GetCursor
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
DrawTextA
DestroyIcon
DestroyCaret
CreateCursor
CopyImage
CharToOemA
CharPrevA
wsprintfA

kernel32

FreeResource
FindResourceA
EnumResourceLanguagesW
GetPrivateProfileStringA
GetTimeFormatA
InitializeCriticalSection
OpenFileMappingA
SetCurrentDirectoryA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
WriteFile
VirtualFree
UnmapViewOfFile
GetFileSize

oleaut32

SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCreate
SysFreeString
SysStringLen
VarBstrCat
RegisterTypeLib

Sections

.text
Size: 27KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ