33e7d8fd710d32727f08d71926d9f245_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33e7d8fd710d32727f08d71926d9f245_JaffaCakes118
Size

28KB
MD5

33e7d8fd710d32727f08d71926d9f245
SHA1

bb6d6d87cb02fca82a3b101c87c354d99093d0dd
SHA256

40f335833784c78f61f8ecf95fcf636c98cc232c3e8835208bf92ac8f6cb57e2
SHA512

c6ddbb338cf9887d3b37123824ccf267a941292f53cb47d7207aa0eeff448a892db17669b83488918ffa379065278ec7f5dfed22021b2f9a1ab647151d1bf185
SSDEEP

768:fWj+nnKSy7fxqnWzoqTOuxVoCzc8ot9P+t+Z:f6+nXyFXnNdzctXG+Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33e7d8fd710d32727f08d71926d9f245_JaffaCakes118

Files

33e7d8fd710d32727f08d71926d9f245_JaffaCakes118
.dll windows:4 windows x86 arch:x86

05d46443a44d9ad56243fbdf0fa05c78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
LocalAlloc
VirtualAlloc
VirtualFree
VirtualProtect

user32

BeginPaint
BeginPaint
CheckMenuRadioItem
CheckRadioButton
CreateMenu
CreateWindowExA
DestroyCursor
DestroyWindow
EndPaint
ExitWindowsEx
FindWindowExA
GetCapture
GetCursorPos
GetDC
GetDesktopWindow
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowTextA
GetWindowTextLengthA
InvalidateRect
IsWindow
KillTimer
LoadCursorA
LoadIconA
LoadStringA
MessageBoxA
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassA
SetWindowLongA
SetWindowPos
ShowWindow
SystemParametersInfoA
TranslateMessage
UpdateWindow
ValidateRect
WaitMessage
wvsprintfA

gdi32

SetPixel
SetWindowOrgEx
StretchBlt
TextOutA

shell32

DragAcceptFiles
DragFinish
DragQueryFile

comdlg32

ChooseColorA
ChooseFontA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ