318c823024e80b9078a4e9f2b2f8c2fc_JaffaCakes118 | Triage

Sharing

General

Target

318c823024e80b9078a4e9f2b2f8c2fc_JaffaCakes118
Size

174KB
MD5

318c823024e80b9078a4e9f2b2f8c2fc
SHA1

1e52b9ead419cc2ff0f8804d1b085c891463777f
SHA256

d1e8e8fa4c35315a0bedb5fc2573f780e04cd5bbc14fabb14a262b137a0c7c34
SHA512

8c6863dd1315a18e631dd702e289a08e2a3a6d96901a962b40366e6365fc6ecce91daa1edd585b7637691ab3c325b620dc490f79a030e7f6fac813c78b7efab6
SSDEEP

1536:91moQj+PGsGxPe7iGZQAbPVkbMeWCkglT/BpnayY896GWdLkAWWZz5f/lGuDXsRk:jmoQjEiGZZLgJnG8dWxlbsqsRFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
318c823024e80b9078a4e9f2b2f8c2fc_JaffaCakes118

Files

318c823024e80b9078a4e9f2b2f8c2fc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6ce08f606b877dc5926bfa2be921535

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
InitializeCriticalSection
LoadLibraryA
MapViewOfFile
OpenFileMappingA
RtlUnwind
SetLastError
TlsAlloc
lstrcmpiA
lstrcpynA
lstrlenA

user32

MessageBeep
EndPaint
DrawMenuBar
CreateCursor

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA

Exports

Exports

Bcmqbwlb
Llreutiaed
Tdikb

Sections

.text
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ