491b91fa45a21c0ec07313fa8874e7f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

491b91fa45a21c0ec07313fa8874e7f4_JaffaCakes118
Size

140KB
MD5

491b91fa45a21c0ec07313fa8874e7f4
SHA1

35ca41111ec2fe187ff0e926416c58d8a88a586d
SHA256

fdc8a5fb4e96a233f7d1a2a7a3b2c4fd20876ef6ca7f43724c376595499e3a05
SHA512

ae61a11acba7893b95a64976acb14000cc7333b4b262780f6ec2f4902309c0108023b54148a43d707569d4ab9d2b2e110562fe0131cb64642fb90f0796c98636
SSDEEP

3072:SVJ67eLJRTM1nbcc+wNOoG5v2gkdLA/KIr7uwzszT8gemlzjRN7UNLoR:SVJ67P1gc+FoNzLCz2aszT8gtlnr70L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
491b91fa45a21c0ec07313fa8874e7f4_JaffaCakes118

Files

491b91fa45a21c0ec07313fa8874e7f4_JaffaCakes118
.dll windows:16836 windows x86 arch:x86

a0cddf6754c448e82aa6bab10fb233e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetForegroundWindow
DispatchMessageA
CopyRect
PostMessageW
WinHelpW
BeginPaint
GetParent
RegisterClassExW
SetCapture
MessageBeep
MessageBoxW

gdi32

CreateCompatibleBitmap
CreateFontIndirectW
DeleteObject
SetBkMode
CreateCompatibleDC
DeleteDC
PatBlt
DeleteDC
GetStockObject

kernel32

GetEnvironmentStrings
VirtualAlloc
GetModuleHandleW
CloseHandle
ExitProcess
GetCommandLineA

Exports

Exports

SRpIjzSp
NXOgFK
XgEMlC
MEZPaki
wNEapQ
lFSLY
ZZwFRquJPd
QtzGJn

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ