296b724489b49ba8c086ffead31a8376_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

296b724489b49ba8c086ffead31a8376_JaffaCakes118
Size

240KB
MD5

296b724489b49ba8c086ffead31a8376
SHA1

fe69d0ecdcc30f5430ca34924ecf16637e333e7e
SHA256

7b0b98bb48dee41812f55f462371bcf6ff218a697b0dcccfa8c0a4de3e50dc24
SHA512

a0089ea44bcdad211eb1fef71a7634c3688e442e36b5018d7dd234417f2680b2dea0ef792e40d62a1d75010e6316cb448a04958e3840469abb5e371a951a3d96
SSDEEP

6144:rV2XDf6QwOXfmg5ts3631NEQsVIUv9V0saakDLQ:rVyDf6UXfxts3qbEDVWaWLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
296b724489b49ba8c086ffead31a8376_JaffaCakes118

Files

296b724489b49ba8c086ffead31a8376_JaffaCakes118
.dll windows:4 windows x86 arch:x86

314a4858964dbe2a0f7c1e4334848c81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EndMenu
EndDeferWindowPos
DestroyIcon
CreatePopupMenu
CreateIconFromResource
CreateDialogParamA
CopyImage
ChangeMenuA
ActivateKeyboardLayout

kernel32

FreeResource
lstrcpyA
lstrcmpA
Sleep
LocalAlloc
LoadLibraryA
GetVersionExA
GetTimeFormatA
GetSystemTimeAsFileTime
GetSystemTime
ExitThread
GetLocalTime

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE