30549bc3113adfc848a383b3d00e24a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30549bc3113adfc848a383b3d00e24a1_JaffaCakes118
Size

175KB
MD5

30549bc3113adfc848a383b3d00e24a1
SHA1

a6dbe545c7c0554da82c8ad4902985ec93836bb8
SHA256

8df613e2f111f7ea990229bb3ca7180838300e50bc79c59472f362ef9c164851
SHA512

c9b50051940884e92cf92720c8afdecd22a339634890eec02ea20cbaf16cbcc3279d8510ae9289a974a9f9bde69046caf9579991800fe3adb12afdedb700d97c
SSDEEP

3072:9PKnLazo8n+c1RbpiuMR9OzkjoHOblOzDKVqaK07+D3GD47KY:Y8zwOz4o2YzAMWu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30549bc3113adfc848a383b3d00e24a1_JaffaCakes118

Files

30549bc3113adfc848a383b3d00e24a1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f06a44da3a198c93c484480e0d83cac8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcmpA
LoadLibraryA
lstrcatA
VirtualAllocEx
lstrcpynA
lstrlenA

user32

GetClassNameA
GetWindowDC
GetMenu
GetClassLongA

Exports

Exports

_hz28wRd@12
_y37Yc
uvFSR9RGU
__ORgXcLz2rQSU@16
_dA9cz
_FrCY9d
_IjgjNL8GcshanU@8
B9LYY@24
_es3MW4
XYS5Du7NIER@8
_zz5dvh421@16

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.reloc
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text