0dc25b6f78ceaf1b01206c841ebfa1c0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dc25b6f78ceaf1b01206c841ebfa1c0_JaffaCakes118
Size

19KB
MD5

0dc25b6f78ceaf1b01206c841ebfa1c0
SHA1

e0dc690721bec06a8e71689acf9bde66ca55b675
SHA256

82b46c31285e5e650fe4dd7ab151273c0c4851936fc9f71a5c9a1283a08d7b45
SHA512

271048dffe8be7c4e3b668d04e77d0ca8c8a4b8e88f3f707de4d110638f4f1809f1c375ade55f6a3b1687aec12b7d3ef1f7fa118d76495df06c0e55cd88ee291
SSDEEP

384:w5jkcVW5taGFJ80RonnFqUDYRYta6zQVQKOK7C7124Z1:mkcOtaGAq7u1QGK7G17Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dc25b6f78ceaf1b01206c841ebfa1c0_JaffaCakes118

Files

0dc25b6f78ceaf1b01206c841ebfa1c0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1cc1fd8ec4a7fc1d668c2748c122cf4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
CreateEventA
GetFileAttributesA
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
ResetEvent
GetModuleHandleA
CloseHandle
lstrcpyA
lstrcpynA
SetFilePointer
RtlUnwind
lstrcmpA
CreateFileA

user32

DestroyWindow
GetWindowRect
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
CloseWindow
EnableWindow
CallWindowProcA
SetDlgItemTextA
GetFocus

advapi32

OpenProcessToken
RegCloseKey
RegQueryValueExA

wininet

InternetConnectA

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ