667d3bc93442e2e5b78ba8bfd431722b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

667d3bc93442e2e5b78ba8bfd431722b_JaffaCakes118
Size

43KB
MD5

667d3bc93442e2e5b78ba8bfd431722b
SHA1

17df43c2ddf1eadef717a8c552ddfe8cc00f46b6
SHA256

1770058721fba49c50b84fe16fd5fce0eaab587a96c56332f4496e8c07183ecc
SHA512

039d5190d7300f85c91626ee1ba73faabb413f867e17bbe816924b59ffcbd44cf629394dc134a0eb993eea7c7cf7679edd721383361ced87eaf9b9b1a2a581f7
SSDEEP

768:HprfssORClkPNpxinvzxrOP2o6+gRGE/0LRakM7D1GoIvoiH52IamE/9JHUl0:HhgRCa3xibxrOP2+cGz4kM7JGoIvh520

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
667d3bc93442e2e5b78ba8bfd431722b_JaffaCakes118

Files

667d3bc93442e2e5b78ba8bfd431722b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f1cd1585aefe8a75254fa5942931415e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
VirtualAlloc
FindFirstFileExA
GetVersion
FindNextChangeNotification
QueueUserWorkItem
GetProcessShutdownParameters
CreateSocketHandle
SetConsoleCP
MulDiv
EnumResourceTypesA
QueryInformationJobObject
GetConsoleScreenBufferInfo
GetExitCodeThread
GetVolumePathNamesForVolumeNameA

user32

DialogBoxParamA
DrawStateA
SetDlgItemTextA
GetClipCursor
ClientToScreen
GetUpdateRect
SetMenuContextHelpId
FindWindowExW
OpenIcon
LoadIconA
GetParent
PostThreadMessageW
PostThreadMessageA

Exports

Exports

Vmekoawk
InitYvqivfrkak
Iwimdstylfl
CloseCbygdnwerri
CreateWphgdii
Anduvqox
Rvlmuwoo
OpenTxxxayltyaf
EndOkanqgv
Efldxrvb
Gwcckgi
Llgdrxnf
Utqjbcvitwy
Llprvft
EndAjbavmg
Okjfitvyy
Tyaootjtppw
OpenLquxriynfd
Wmrxbxfvm
EndBxvocetgtx

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ