Static task: static1
Behavioral task: behavioral1
Sample: f3a42130429a86510bb0f4932450afb8_JaffaCakes118.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f3a42130429a86510bb0f4932450afb8_JaffaCakes118.dll
Resource: win10v2004-20240412-en
General
Target: f3a42130429a86510bb0f4932450afb8_JaffaCakes118
Size: 91KB
MD5: f3a42130429a86510bb0f4932450afb8
SHA1: f1a855407ea2696851c203b6a28162a442d7964c
SHA256: 3a63827ab8f37244db8b7a0ca273a4fd3fcfdc5a4d2c9433f257587a566d93d0
SHA512: 2cebe6f81db82f1169a2794c900dc6f522076af23d3de8155d1925cda0fbd596090d2345ee8778b7f2a930bcb706a509ea858edb091adf9f177238cc35a4efe4
SSDEEP: 1536:VxyWjIElAP08yNKHSI0Gzj8wexiccXtYTLpJGsb4qe+Z:VxpYP0tU/0G0wexsYTLvBle+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f3a42130429a86510bb0f4932450afb8_JaffaCakes118
Files
f3a42130429a86510bb0f4932450afb8_JaffaCakes118.dll windows:4 windows x86 arch:x86
cc733b67f71d380354ddd31c66b911e8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
SetFocus
OemToCharBuffA
LoadMenuA
IsCharUpperA
GetMessageA
EndDialog
DestroyIcon
CreatePopupMenu
CreateMenu
CharUpperA
kernel32
TlsGetValue
lstrcmpiA
lstrcmpA
WriteFile
TlsSetValue
SleepEx
InitializeCriticalSection
FindResourceA
ExitThread
EnumResourceLanguagesA
CompareStringA
oleaut32
OleTranslateColor
RegisterTypeLib
RevokeActiveObject
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroy
SysReAllocString
SysStringLen
VarBstrCat
OleIconToCursor
Sections
.text Size: 22KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 65KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ