487669ad9ac70eb9ed22e06bbce14f99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

487669ad9ac70eb9ed22e06bbce14f99_JaffaCakes118
Size

41KB
MD5

487669ad9ac70eb9ed22e06bbce14f99
SHA1

a297ba70c1f1710c569f1488d29b9214ce566b1e
SHA256

d9db781e159140f72bfc934940422aadaa8cfbf4282e353d3a9279e89ed40231
SHA512

41f1693b8237834d642c56c01d24199956cc3cf5a7937b613bf4294142c58aa68355a3499106186dabd1009059859d224eb41949eb86081ea19988262be41a82
SSDEEP

768:MMCAHC6bzzkraw8wAzCWV2qQUAyicli+ZWQVwr9pVVeDOUpSF:NLiCk2w8NzCW0yXli+Zn6r9cJpSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
487669ad9ac70eb9ed22e06bbce14f99_JaffaCakes118

Files

487669ad9ac70eb9ed22e06bbce14f99_JaffaCakes118
.dll windows:5 windows x86 arch:x86

82325ffd0192bea286f612752f431b37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResumeThread
ExitThread
VirtualAlloc
CreateNamedPipeA
ExitProcess
GetFileAttributesExA
VirtualProtect
SetFileApisToANSI
GetTempFileNameA
GlobalCompact
GetTimeFormatA
LocalFlags
SetVolumeLabelA
PurgeComm
SetInformationJobObject

user32

UnregisterHotKey
ModifyMenuA
PostThreadMessageA
SetMenuContextHelpId
ChangeDisplaySettingsExA
CopyRect
RemovePropA
BroadcastSystemMessageExW
EnumDisplaySettingsExA
GetMenuState
PostThreadMessageW
GetClassNameA
SetWindowLongA
CharLowerBuffA
GetDialogBaseUnits

Exports

Exports

Tbrrjyx
Cgdapoob
Invulnxg
BeginYrhmmatobby
Yxkxeongp
CreateVjpgmpoekxp
Cnoodotjcq
CloseTolsqpdconp
Mndjlwloby
Ybguyidjjd
Pmnewohm
Ytwhira
WriteVtmwwqdt
Daglatwll
CreateNptinpo
Kiynethiwf
IsEhgpfnjsen
IsBxtkdnow
OpenClxecuqdyes
InitTpcehswy

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ