3b36e44222f700f6057e64aaae23724f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b36e44222f700f6057e64aaae23724f_JaffaCakes118
Size

230KB
MD5

3b36e44222f700f6057e64aaae23724f
SHA1

03bf4945b4ba0ca4e823b1cdd4679220bb507365
SHA256

0986a7a23168b8a876bb4c880821d55b3cc0ccb1f42749178c75c1439ca3a0a6
SHA512

e9aaa2a1764088ddfdba98073529478390105bddea80c2376befda9d42bfb5370da294530a58cb5291c7111582d3de324eea9a7145a43601d2aeff775eb869fb
SSDEEP

6144:1I2nHHE9Bvgkl/romg91ZmAU7LQsS/WfaidSF:15HEzYkl/rzok7LQ7uf5dW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b36e44222f700f6057e64aaae23724f_JaffaCakes118

Files

3b36e44222f700f6057e64aaae23724f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

364f814dd6e8c78d7cdce46e7892987e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAscii
ShowWindow
ShowCursor
OffsetRect
EnableScrollBar
CreateCursor
CopyImage
CharNextA

kernel32

FindResourceA
FreeResource
lstrcmpA
CompareStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueA

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 151KB - Virtual size: 565KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ