47bdc57961b51e89ef0f271a5c793113_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47bdc57961b51e89ef0f271a5c793113_JaffaCakes118
Size

182KB
MD5

47bdc57961b51e89ef0f271a5c793113
SHA1

30bcfd5d0d3a9b75c5dcd2a258da0c052efc0666
SHA256

02e1940b1d69d978a28be78973f7b9d85d443ff96820aa0d0392938683115c61
SHA512

e906ecdf5fd2d59246b62191615fdd7e602815bcfd7c9aa37f427a80cf9e6c62e971aed6841e1cf7dd85549dbfa746a02c0f197b309265a1a43a9eb44dabc3ea
SSDEEP

3072:xoke0joIYAFnhGEXKW1OSE3BPEcBLNjrK0x65f7C/eYEZdwvhUpV:neBIFhGmXEN7XXxamGN1V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47bdc57961b51e89ef0f271a5c793113_JaffaCakes118

Files

47bdc57961b51e89ef0f271a5c793113_JaffaCakes118
.dll windows:4 windows x86 arch:x86

246c20b97aa3ed3e25e2801c577b2749

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetPrivateProfileStructA
WritePrivateProfileStructA
lstrcpyA

user32

CreateDialogParamA
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItem
EnableWindow
wsprintfA
SetWindowLongA
SendMessageA

msvcrt

??3@YAXPAX@Z
_purecall
_strdup
_adjust_fdiv
_initterm
_stricmp
malloc
__CxxFrameHandler
sprintf
free
??2@YAPAXI@Z
atoi

Exports

Exports

ConfigAudio3
CreateAudio3
FinishAudio3
GetAudioTypes3
SetConfigItem

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ