347efbff49b68952f84cae8a19dad687_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

347efbff49b68952f84cae8a19dad687_JaffaCakes118
Size

112KB
MD5

347efbff49b68952f84cae8a19dad687
SHA1

11ab267cc26ca16be52358778c493b5a47bb52f9
SHA256

4910354bd0be477729cee18eff701db7f31cbbe2edbd3b81513c6a1a9d2143e4
SHA512

4cda9520f87250a3c277a4aa3966392fbc6c2b0ce136720b4db361af2714bc3f902c961c126ad9eef1b7919e756cf3907cd5ef2b8188fa9ec049eb461c5229a3
SSDEEP

1536:myb1KTZIWLBIzkaRUhRy98gq61fqKU+82zW9tUZOgC8j9vfVV5OyQ/:rbnWL2xUm98M5c2aUcKjZfH5/Q/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
347efbff49b68952f84cae8a19dad687_JaffaCakes118

Files

347efbff49b68952f84cae8a19dad687_JaffaCakes118
.dll windows:4 windows x86 arch:x86

03df9e70f6376039ec48bb617f8114b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfoExA
GetVolumePathNameA
GetPrivateProfileSectionNamesW
WriteConsoleOutputA
FindNextFileA
ExitProcess
GetConsoleOutputCP
GetCommandLineW
VirtualAllocEx
OpenFileMappingA
WriteConsoleOutputCharacterA
GetSystemWindowsDirectoryA
GetCurrentProcess
GetCurrentThread

user32

GetDCEx
GetWinStationInfo
ShowWindow
TileWindows
ScreenToClient
EnumWindowStationsA
MapWindowPoints
RegisterUserApiHook
InvalidateRgn
LockWindowUpdate
TileChildWindows
InvertRect

gdi32

GetRasterizerCaps

Sections

.text
Size: 100KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ