41da9002f1d6d3ff2fbdc1291ef1cd3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41da9002f1d6d3ff2fbdc1291ef1cd3d_JaffaCakes118
Size

112KB
MD5

41da9002f1d6d3ff2fbdc1291ef1cd3d
SHA1

d204b4cf81f88e79d6d7c3b76c63fba2f16b9277
SHA256

1cb19cc1f40c7427bcca8c85b5baad22e40b0976bb80372de3fd41ff74da3788
SHA512

12b257b8b99e23ed11d590090bb383c8a7991994b2faa41def841cf16b69e3910df1bb325128c2deab4d52d0a2409f654e47ef9ee73569a495c32462be3aa804
SSDEEP

1536:eDtM7AEXlzd7ZJqeUZN+41YBWeNySf5wy4Gsg6W6QVbXA+U/Epgg7wEyr:gtUXb723i413Uf5L96z6w+Us+g7wX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41da9002f1d6d3ff2fbdc1291ef1cd3d_JaffaCakes118

Files

41da9002f1d6d3ff2fbdc1291ef1cd3d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7ce0e5e3a4c6b4d45f36782b09458445

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileSectionNamesW
GetComputerNameA
VirtualAllocEx
GetSystemTimeAsFileTime
SetLocaleInfoA
GetTapeParameters
ExitProcess
GetCurrentProcess
WritePrivateProfileStructA
GetCommandLineW
SetThreadPriority
lstrcpyn
SetComputerNameA

user32

CheckRadioButton
SetMenu
GetForegroundWindow
GetSystemMenu
InvalidateRgn
DefDlgProcA
CopyAcceleratorTableA
DrawCaptionTempA
GetDCEx
LockWindowUpdate
GetMenu

gdi32

GetRasterizerCaps

Sections

.text
Size: 100KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ