0affafc51289346f524aefbe169cf9d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0affafc51289346f524aefbe169cf9d6_JaffaCakes118
Size

138KB
MD5

0affafc51289346f524aefbe169cf9d6
SHA1

be19e94f3143854dae3d6176e5d6115568967175
SHA256

fb6e660779aa0ca6e9764ebf7f6010bf4b3cd14632c7bb143303713fabffc553
SHA512

a0ef496210455dedcb0e107e48754c6d16904279c6893fd98e18091d47603a3a94de91aebb75fb0637396e9a59995666df7c662cfd19443d46086483fe7435cc
SSDEEP

3072:8XQSYhdE7giERjkgmVu3ggaLkp1eSpgJz3oktSApy:8XFYrWhER4g+Lkp9YzMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0affafc51289346f524aefbe169cf9d6_JaffaCakes118

Files

0affafc51289346f524aefbe169cf9d6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6756adb3feeacf85656827bd3856852

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
SetHandleInformation
WriteConsoleInputW
FlushInstructionCache
HeapWalk
GetTickCount
GetThreadPriorityBoost
GlobalUnlock
GetCalendarInfoA
GetWindowsDirectoryW
Sleep
LoadLibraryA

user32

SetRect
GetPriorityClipboardFormat
CreateDesktopW
wvsprintfW
GetMessageW
GetScrollInfo
SetWindowWord
ReleaseDC
UnregisterClassA
GetMessagePos
SetClassLongW

gdi32

SetPixelFormat
ResizePalette
GetBitmapDimensionEx
GetCharWidthA
OffsetWindowOrgEx
RectInRegion

Exports

Exports

DulrAfkgih
DulrBfsn
DulrBx
DulrDwsqam
DulrGgom
DulrHfjj
DulrHk
DulrIgy
DulrJycolt
DulrJzwlz
DulrLmhu
DulrLpml
DulrOj
DulrPoln
DulrRwkm
DulrSndwam
DulrTmig
DulrWdjxqb

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ