35d41bfb5dba23c063c12acfb3b96dc1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35d41bfb5dba23c063c12acfb3b96dc1_JaffaCakes118
Size

88KB
MD5

35d41bfb5dba23c063c12acfb3b96dc1
SHA1

c4b9f43fe33a0144bdfc2188159fb6cd107c0372
SHA256

d04f49353225be67bd9de19364cc3457d21b0801dc3e644381cfd2765e296f78
SHA512

9fa8b19b8536f92907c7a0a77c70fb90fc9165f846c25395a372f81003c6d83294def5b4ac258947c1a8a7120ebfebe8c5bc6a39b4f9ebea6296f4b0ce3f270c
SSDEEP

1536:wvsRBlbJMpKDnA4yZsMPQTwFs8H56A/ir/sFnx/W61wjN0:wkRBlbJE4neZRxPp/ir/anUl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d41bfb5dba23c063c12acfb3b96dc1_JaffaCakes118

Files

35d41bfb5dba23c063c12acfb3b96dc1_JaffaCakes118
.dll windows:23902 windows x86 arch:x86

b6c480913e098b1bc858b0d86a9add63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
GetStartupInfoA
GetModuleHandleW
VirtualAlloc
VirtualAlloc
LeaveCriticalSection
SetFilePointer
GetProcAddress
GetVersionExA
GetStartupInfoA
SetFilePointer
GetStartupInfoA

user32

GetClientRect
GetDlgCtrlID
LoadAcceleratorsW
LoadStringW
GetDesktopWindow
PostQuitMessage
SetWindowTextW

Exports

Exports

SZTmLCFIk
lMFHUmSDo
kXfUVK
RPksLEJg
xLIJtTE
BnPLj
cegcm
mAHYvLvK

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ