59d2e0225e8b8cd1c569737788b9f203_JaffaCakes118 | Triage

Sharing

General

Target

59d2e0225e8b8cd1c569737788b9f203_JaffaCakes118
Size

111KB
MD5

59d2e0225e8b8cd1c569737788b9f203
SHA1

994acd32d2dade619a2ebda3a6c7cf819234d049
SHA256

55a1e856594b1080d9ec41307c18f2883535126d35ae05e1dd3145fc84d5c6c3
SHA512

4d3b998b57c378f784cd7660e731a2e30cea0902b84bc1a5133eae764077fd0ad2a8248bc1a310e0f47fedccdbb20b352b33f9961d0a745fb9b26d14e7fc3dc8
SSDEEP

3072:ILAVufD7GEDaSTJDKBFvTOU8DY2Kgm9y0dz5b0G7:BVuf2kaSFKXvTO38jFzv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d2e0225e8b8cd1c569737788b9f203_JaffaCakes118

Files

59d2e0225e8b8cd1c569737788b9f203_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d85b506f168ad41cc3946441458a529a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler3
free
malloc
memset

kernel32

LoadLibraryA
GetLastError
OutputDebugStringA
LoadLibraryW
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
GetModuleHandleW

user32

DialogBoxParamA
IsDlgButtonChecked
GetWindowLongA
WinHelpA
LoadStringA
CheckDlgButton
SetWindowLongA
EndDialog

hypertrm

sessQueryTranslateHdl
sfPutSessionItem
sessQuerySysFileHdl
sfGetSessionItem

Exports

Exports

transCharIn
transCharOut
transCreateHandle
transDestroyHandle
transDoDialog
transInitHandle
transLoadHandle
transSaveHandle

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ