5a7cc3bf80195a22f4cd90e298b3bd09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a7cc3bf80195a22f4cd90e298b3bd09_JaffaCakes118
Size

21KB
MD5

5a7cc3bf80195a22f4cd90e298b3bd09
SHA1

e3b299a9d9c8b591299d83c92ede9bc76c49e27e
SHA256

1d85e6fd7af624ce5944bc96fe68a98989ff3f0335d723415afb497fbb9392da
SHA512

f034174fbdb8d84b32a5abe11a31a261767aeceb70eae60df6d79c88a25561ee39bdd4e9e2a487da41af9e0846ea6938bb7c44fe07bf2a01d14b5b61b3d99f5b
SSDEEP

384:RG8MAcZV+TrTGgmvHdGXFRiDiUDCihhhNtWez4cVnSpfR:RRBGZ1GXbiDxDCihh3tWez4ISpfR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a7cc3bf80195a22f4cd90e298b3bd09_JaffaCakes118

Files

5a7cc3bf80195a22f4cd90e298b3bd09_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2af42d3794f03444461cee57935d7bab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CloseHandle
SetFilePointer
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadReadPtr
Sleep
WideCharToMultiByte
lstrlenW
GetCurrentProcess
GetModuleFileNameA
WaitForSingleObject
GetLastError
CreateEventA
SetProcessShutdownParameters
OutputDebugStringA

wininet

InternetOpenA

user32

SendMessageTimeoutA
EnumChildWindows
CharLowerA
GetForegroundWindow
PeekMessageA
GetClassNameA
RegisterWindowMessageA

msvcrt

_strlwr
_stricmp
_adjust_fdiv
_initterm
strrchr
strcmp
free
strcpy
strlen
malloc
memcpy
strstr
strncpy
wcsncpy
sprintf
memcmp
_except_handler3
strcat
__CxxFrameHandler
wcstombs
_mbscmp
memset
_wcsicmp

ole32

CoInitialize
CoUninitialize

oleaut32

VariantClear
SysFreeString

Exports

Exports

M

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ