29d04b25e1965ef487df400fbdcc28d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29d04b25e1965ef487df400fbdcc28d3_JaffaCakes118
Size

17KB
MD5

29d04b25e1965ef487df400fbdcc28d3
SHA1

b96238cc53f7eb498bef6305e9115b05d3766555
SHA256

984d36e08841ee883372416ca5a94432b2a5cdffc3c0dd682fec50656d12c967
SHA512

cbc3d55e05d2bb204fd320f3b37638739289c711f3e1ca636d0cd93324681a8a68202e5b48d337f98ea623d4f8a0c71d873bf36e146a36b1622c1a84874f4ba8
SSDEEP

384:GPkc2S0xCpbOXLegMConXlaCGxGu8mAqDMd7lVQKOKyyst:kkc2pCpKnMCQaCGEukqQXGKyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29d04b25e1965ef487df400fbdcc28d3_JaffaCakes118

Files

29d04b25e1965ef487df400fbdcc28d3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

05b4c6b276b742e973532822f30119b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
CreateEventA
GetFileAttributesA
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
GetModuleHandleA
CloseHandle
lstrcpyA
SetFilePointer
RtlUnwind
lstrcmpA
CreateFileA

user32

DestroyWindow
GetWindowRect
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
GetFocus

advapi32

RegQueryValueExA
RegCloseKey

wininet

InternetConnectA

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ