225615c6e84f40ba985dfcfaecb11fc2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

225615c6e84f40ba985dfcfaecb11fc2_JaffaCakes118
Size

108KB
MD5

225615c6e84f40ba985dfcfaecb11fc2
SHA1

1173bafc49c638ee237f7517d3272b187b229b77
SHA256

16e1698b69bd9402c96140878926a3f515801368125205b42c91272c409a0ff2
SHA512

46dc4eb5e08fc015e507b8b671da2802aed5b2b11f05b7920543711040edf7f20565fd369cb4e0fc2c966268742d2203ad4690b36e34a4282d0434c321fbbf5a
SSDEEP

3072:FJ9iXhDE4qRQ5wSBnN2SMsX15khE+yHWcGU8nTgo:FfiX9E4uKBnNMsX1EENZH8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
225615c6e84f40ba985dfcfaecb11fc2_JaffaCakes118

Files

225615c6e84f40ba985dfcfaecb11fc2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2032e6e1833d513bdd2499426629ce47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

L:\kkbge\kzeyocz\icmF.pdb

Imports

kernel32

GetExitCodeThread
GlobalHandle
lstrcmpiW
LoadLibraryW
IsBadWritePtr
GetProcAddress
CreateWaitableTimerA
HeapValidate
RemoveDirectoryW
LocalUnlock
lstrcatW
lstrlenA

shlwapi

StrCmpNA

user32

ShowScrollBar
IntersectRect
IsWindowEnabled
DestroyMenu
GetPropW
GetWindowLongW
VkKeyScanW
LoadBitmapW
GetMenuItemID
SendMessageW
MonitorFromRect
IsMenu

gdi32

ExtFloodFill
CreateRectRgn
OffsetViewportOrgEx
StartDocW
ScaleWindowExtEx
DPtoLP
OffsetRgn

Exports

Exports

?xvOpidenjnqGfVFaSMKpi@@YGEI@Z

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ