Static task
static1
Behavioral task
behavioral1
Sample
1af1d9668b2f5a16ed534ad2f3ce3ae7_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1af1d9668b2f5a16ed534ad2f3ce3ae7_JaffaCakes118.dll
Resource
win10v2004-20240508-en
General
Target
1af1d9668b2f5a16ed534ad2f3ce3ae7_JaffaCakes118
Size
163KB
MD5
1af1d9668b2f5a16ed534ad2f3ce3ae7
SHA1
e272fdc0d4c77e668283424b4c192a0372ec7031
SHA256
5ea2d6f8c92d12f9959e4affc982af280b5e4bb84d64a0a9568557fd56d014a0
SHA512
2fb5ac7d5963507d5e87568846a4be346e2861e523b17cda9b5ef9b9ae60116dc21b70628aa3816dc3f769ea686382a1640aa19840ac8b92ae9168e259060ce2
SSDEEP
3072:0DbVG5o73Ybg9j8w7KEqKjMU/GF6RyFoyXwEjcSsMxM+l:0DbViOqgh8w7Fcc66IFoyXwEAiz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1af1d9668b2f5a16ed534ad2f3ce3ae7_JaffaCakes118
Files
1af1d9668b2f5a16ed534ad2f3ce3ae7_JaffaCakes118.dll windows:5 windows x86 arch:x86
ada7e26ffd18b7f5e5149e02640aa14d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcatW
CreateFileW
HeapAlloc
ExitProcess
GetProcessHeap
GetWindowsDirectoryW
user32
UnhookWindowsHookEx
LoadCursorW
GetDlgItemTextW
EnableMenuItem
DefWindowProcW
LoadIconA
TranslateAcceleratorW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
FindTextW
CommDlgExtendedError
ChooseFontW
advapi32
RegOpenKeyExW
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text2 Size: 152KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 84B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 534B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ