17761c03099c64b2fed9bc3997dbae73_JaffaCakes118 | Triage

Sharing

General

Target

17761c03099c64b2fed9bc3997dbae73_JaffaCakes118
Size

90KB
MD5

17761c03099c64b2fed9bc3997dbae73
SHA1

2ac07a9c6d672077c59e0b461c980e189c32314a
SHA256

95835a186dfa4cfd53712bd57af74d36626c948f3548a0d1b3699c64bd2383b9
SHA512

8640db718f130f2e9ac05f0539a2dbeb5a1d91df801c31f26e0561e3c2e8214bb0f582263bb5b140570c91918379148ec0720285af2b8ced90165fcfbc97ef2f
SSDEEP

1536:7am1Uwarulsnt0nTmzok+sW21STdDEIjnnL11CdckpL62g4ODtaN+hzqjSKGL5P:WHsWntemzokN/SqyLrkcJV70c5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17761c03099c64b2fed9bc3997dbae73_JaffaCakes118

Files

17761c03099c64b2fed9bc3997dbae73_JaffaCakes118
.dll windows:4 windows x86 arch:x86

69a71696ccbf389585e1eb2a02e25a0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowScrollBar
ShowCaret
EndDeferWindowPos
EmptyClipboard
DrawCaption
DestroyMenu
DefDlgProcA
CopyImage
CharLowerA

kernel32

HeapValidate
SetHandleCount
SetEnvironmentVariableA
HeapDestroy
HeapCreate
ExitProcess
CloseHandle
VirtualFree
TlsGetValue
SetLastError

advapi32

RegSetValueExA
RegQueryValueExA
RegEnumValueA

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ