38ad8f52dd6f1a7783a25bb5d8458241_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38ad8f52dd6f1a7783a25bb5d8458241_JaffaCakes118
Size

24KB
MD5

38ad8f52dd6f1a7783a25bb5d8458241
SHA1

218cb0a1302925eddc050f14a3126aec3fa7bdf5
SHA256

888dd2b2e1a6d37cbf05bbed4c832b1d138a2ca7b2f4c97149b99e5729ea1f44
SHA512

6d4a12ae032f6ab40641d608322c1f05cb07241617d13f072cf8b1910171c55241d010a21d4d6ca7da99e204bf6739e2cba5b39bfc2ccf1255608342ecb6eab8
SSDEEP

384:lh3cBxfg8P086lVrjnXUugOfGzhkl8IrrE/1gWjVQKeK2tt9d:X3cnfgpnnXUugOfyhkl8MrENgWj2K2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38ad8f52dd6f1a7783a25bb5d8458241_JaffaCakes118

Files

38ad8f52dd6f1a7783a25bb5d8458241_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0e96fe0fa53c8a6d5be5a7c2ad60cff1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
OpenProcess
GlobalAlloc
WideCharToMultiByte
VirtualFreeEx
CreateEventA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
GetTempPathW
GetProcAddress
GlobalFree
LoadLibraryA
GetModuleHandleA
lstrcatW
CloseHandle
lstrcpyW
SetFilePointer
ReadFile
WriteFile
RtlUnwind
CompareStringA
CreateToolhelp32Snapshot
Process32First
lstrcmpA
CreateFileA
lstrcpyA
UnregisterWait

user32

DestroyWindow
GetWindowRect
GetFocus
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
wsprintfW

advapi32

RegQueryValueExA
RegCloseKey
RegSaveKeyA

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ