0728917e485159f5afeab79563ed38e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0728917e485159f5afeab79563ed38e5_JaffaCakes118
Size

41KB
MD5

0728917e485159f5afeab79563ed38e5
SHA1

6cf8e075115e229e0501237e9af4c788c8588e1c
SHA256

58045288537ccb9808285ad4bffa42026e2ab699e946edd0076dfc1fe56ab715
SHA512

b972a2b58d5c4c7ce4dcde71c680c66466051bd93ebdc74c5b29e2ee8efcc586796060562756a3b1a7e880c97ce2e2bc89351cd3840fa65dcdbe4efe8ca63543
SSDEEP

768:Feo/nd6PcF0T64NdmnXBy/bvA7ZP9XFFEmk+9l3qP+1xhOcUt:IoFYcF464TmnXByTo7t9X7EmL6WxhY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0728917e485159f5afeab79563ed38e5_JaffaCakes118

Files

0728917e485159f5afeab79563ed38e5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b81e606af37f39d9485c9357d70285c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
GetTimeFormatA
ExitThread
GetLastError
VirtualQuery
GetDiskFreeSpaceA
OpenEventA
ExpungeConsoleCommandHistoryA
VirtualAlloc
GlobalSize
GetExitCodeProcess
VirtualFree
GetCurrencyFormatA
GetLogicalDriveStringsA
GetDriveTypeA
SetupComm

user32

PostThreadMessageW
PostThreadMessageA
MenuItemFromPoint
EnumDisplaySettingsExA
OemToCharBuffA
DrawFrame
GetClassNameA
EnableWindow
MenuItemFromPoint
CascadeChildWindows
LoadMenuIndirectA
IsCharAlphaA
PostThreadMessageA
GetMenuItemRect

Exports

Exports

SetRkbpqxmb
Tegiudewba
Cxmxchq
Opspjwofx
Bukfshqepdv
CloseMiqhrfhh
Pvfskma
Kklyudf
GetGnicspjsptt
Vxuewbxry
CreateCruowbmqmg
InitVxqvengkdnw
CreateUtkradus
Skjkwsk
Lxklcdv
Dikpgnmsonn
Krldxwvsokm
Wjrryqilgv
Nmsyojqpy
Qxmhhncrawe

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ