367b4c67c047e744c5fa04ed29987a5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

367b4c67c047e744c5fa04ed29987a5f_JaffaCakes118
Size

19KB
MD5

367b4c67c047e744c5fa04ed29987a5f
SHA1

896ff2003352e1e0538cb59394579c607a66e16f
SHA256

688bf0aa7a7b14c39bc340441e7cb4432e7944f8ae3d1de152be9a18e16c93d8
SHA512

abb9e8938f9f616a151869cb81e6a2ef5bde1ed042c14b4a5ce71cac7fdd4b4611e7aef4c62b2296a9c51f5ea7c9e69d5f5c3081899f9036db0f1081324f6fac
SSDEEP

384:sEcHPrH7YlVfVqlukn1wfXjOc4WzBMoVQKOK/XtqNuAT8:NcvYlZvqUMoGKwNuAA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
367b4c67c047e744c5fa04ed29987a5f_JaffaCakes118

Files

367b4c67c047e744c5fa04ed29987a5f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e0deedd58505daf8a539b50159825501

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GetCurrentProcess
GlobalAlloc
CreateEventA
GetFileAttributesA
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
GetModuleHandleA
CloseHandle
lstrcpyA
SetFilePointer
lstrcmpA
RtlUnwind
CreateFileA

user32

GetWindowRect
DestroyWindow
GetFocus
wsprintfA
SendMessageA
RegisterWindowMessageA
BeginPaint
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
IsWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
CloseWindow
EnableWindow
CallWindowProcA
SetDlgItemTextA
GetClientRect

advapi32

RegQueryValueExA
RegCloseKey

wininet

InternetConnectA

Exports

Exports

food
grab
plum

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ