4aa755023b2a63cb49f8ebae659b58f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aa755023b2a63cb49f8ebae659b58f9_JaffaCakes118
Size

1.5MB
MD5

4aa755023b2a63cb49f8ebae659b58f9
SHA1

89bbaa00b9fa5ff75a66210cb29082af7436526c
SHA256

396e13a2c0516a5c1d68c87f159b3d1e1c1e9d7db373e97d363539079ec95548
SHA512

369c11787077eb13522f69827b05e5bffeca7715fe5ce5d5bdf6be5de95165004d26a63641cca7d865fb10f25bb9e9192d80372adeedfd61d36598f033085712
SSDEEP

3072:Wz1WReE8F3PH/mvAKJrhqCaDfzqOK2D+PoKsLxvmzFekuNm04:Wz1WN8FCmfzqXoLxvmzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aa755023b2a63cb49f8ebae659b58f9_JaffaCakes118

Files

4aa755023b2a63cb49f8ebae659b58f9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc8b5cc1f212930b73197fa2be3a85d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
CreateIoCompletionPort
CreateThread
FindFirstFileA
GetComputerNameA
GetCurrentThreadId
GetEnvironmentVariableA
GetSystemDefaultLCID
GetVersionExA
GlobalLock
LoadLibraryA
LoadLibraryW
LocalUnlock
MulDiv
MultiByteToWideChar
SetThreadPriority
Sleep
TerminateProcess
WaitForSingleObject
WriteFile
lstrcpyA

user32

AppendMenuW
CallWindowProcW
CascadeWindows
CharNextW
DefWindowProcW
DestroyIcon
DispatchMessageW
DrawEdge
EndPaint
GetScrollInfo
GetShellWindow
LoadBitmapW
MessageBoxW
PostMessageW
RegisterClassExW
RegisterHotKey
SetWindowPlacement

Exports

Exports

SfcGetFiles

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ