zdpbiu
Static task
static1
Behavioral task
behavioral1
Sample
18e8ad0b966c65aac25c0b8e490861e0_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
18e8ad0b966c65aac25c0b8e490861e0_JaffaCakes118.dll
Resource
win10v2004-20240226-en
General
Target
18e8ad0b966c65aac25c0b8e490861e0_JaffaCakes118
Size
332KB
MD5
18e8ad0b966c65aac25c0b8e490861e0
SHA1
81efb842794f2fe4fe5a3a862b60da001b2320c5
SHA256
64d95cc243bdab4ac3babc82db63f97831dd891d7747b7f73f6583fbd0625385
SHA512
50047b0a9f809bfe68f2f0f86df917d26af2ef7f99bac57a81f48a3829d9658d1fa5db124158961cb4191a7bb2c82bbba51aae3eab971222ed3193d410ae6b32
SSDEEP
6144:65jnClp4WU9Vz/VMusvWp8dYWgquwjAKspiKdQ9uqlYonbjCGEI1BxR:65rkSWU/svWp8dpgqd0KspiKaYsYonbj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18e8ad0b966c65aac25c0b8e490861e0_JaffaCakes118
Files
18e8ad0b966c65aac25c0b8e490861e0_JaffaCakes118.dll windows:4 windows x86 arch:x86
fd0279b9cdcb1bb98f1a768ac2a99457
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
shlwapi
SHRegDuplicateHKey
kernel32
ConvertDefaultLocale
Beep
HeapAlloc
GetProcessHeap
HeapFree
user32
SetWinEventHook
GetMessageW
PostMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UnhookWinEvent
GetParent
EndDialog
GetDlgItemTextW
wsprintfW
SetDlgItemTextW
SetFocus
GetDlgItem
GetWindowLongW
SetWindowLongW
winmm
mmioInstallIOProcA
Exports
Sections
.code Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 866B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 280KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 1B
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 776B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ