43155ca61efb7d736baed9a3dd3356ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43155ca61efb7d736baed9a3dd3356ec_JaffaCakes118
Size

94KB
MD5

43155ca61efb7d736baed9a3dd3356ec
SHA1

f4dc87af8b18db509e75ddd9fb72b65d3aad314b
SHA256

e4265e5ccc104bc3139057c5e99a1785959170cd7b815013958f0e27b33dee37
SHA512

a5c59cea9b20c28deb732612bab1914afb9fd14103ebbfa9af2032d266a0547af1fc2fbf2591795e871e148df3b3d6931c024053cf3d8af10245492654931fd5
SSDEEP

768:feyKfYNuhCEiK7v8s/ERubC6J5LZlw9767GO3CBI:fJKfYN0Js0WsZlpXyB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43155ca61efb7d736baed9a3dd3356ec_JaffaCakes118

Files

43155ca61efb7d736baed9a3dd3356ec_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fefcf09bee4820e6f9285ffb1cceca69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetLastError
SetFileAttributesA
GetSystemInfo
SleepEx
lstrcpyA
lstrcpyW
GetCommandLineA
HeapFree
ExitThread
HeapAlloc
GetProcessHeap
GetLocalTime
SetLastError
LocalFree
LocalAlloc
VirtualFree
VirtualAlloc
Sleep
GetModuleHandleA
GetEnvironmentStrings
GetSystemTime
GetSystemDirectoryA
lstrlenA
GetProcAddress
GetFileAttributesA

shlwapi

StrStrA
StrChrA
StrStrIA
StrCmpNW
StrToIntA

user32

EnableWindow
GetDlgItem
IsDlgButtonChecked
GetDlgItemInt
CharUpperW
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
EndDialog
SetFocus
SetDlgItemInt
CharLowerA
CheckDlgButton
LoadStringA
CharUpperA
CharLowerW
SendMessageA

Exports

Exports

ArentJar
DevelopmentAndy
PromisedFive
RainMovement
SkyAndy
TrickDraw

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ