64d18f5a7fcfbf85fa4f38291812427d_JaffaCakes118 | Triage

Sharing

General

Target

64d18f5a7fcfbf85fa4f38291812427d_JaffaCakes118
Size

129KB
MD5

64d18f5a7fcfbf85fa4f38291812427d
SHA1

76a3ead86711740178cf469555f6ab40667f46d3
SHA256

207f8e9286d25ab5b393277dbc486fa6620cb2d496d048e28fc3cd323160479d
SHA512

66738b14a570f4a0063bdf581b5a93dc67943614082a3715b9de81e1912a23b103dcc022252887bc53509f9a990b0a7f3cfe3106965cac419efebe85f5f84974
SSDEEP

3072:jNE8A7acUFuN8P878E6F3+0Z0Dc4RNj79:Zia9P8IE65v0DTj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64d18f5a7fcfbf85fa4f38291812427d_JaffaCakes118

Files

64d18f5a7fcfbf85fa4f38291812427d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

929f8a4dd07a536fab3f2697bf96e289

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CreateMDIWindowA
DefDlgProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
CreateIconFromResource
DrawTextA
EnableScrollBar
EndDeferWindowPos
EndDialog
GetCursor
GetDC
CreateIcon
CopyImage
CloseWindow
CharUpperA
CharToOemA
DrawStateA
CharNextA

kernel32

lstrcatA
UnmapViewOfFile
OpenFile
LoadResource
InitializeCriticalSection
lstrcpyA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE