709a4b60ac44ad9551c4a1292747f3c0_JaffaCakes118 | Triage

Sharing

General

Target

709a4b60ac44ad9551c4a1292747f3c0_JaffaCakes118
Size

83KB
MD5

709a4b60ac44ad9551c4a1292747f3c0
SHA1

477542ff6217fc3fe20d9a0c84164b5c63b6097a
SHA256

540606ad9ca9f8a298b150af79f855a94c290604e12f2d8e69027d511034d490
SHA512

93d3983db26b38b3d204c1a648f7a5b7f62a1a48c182ba60d1e863a86bfa6321f0457c9370062ad7a9bc32f270799fd6a807aacd1bb2d4b00dc4899e3526506a
SSDEEP

1536:GxBIn4QeiS1KiQs+x2eSmPqDaW1saCSQBpIVVVGEf1jGlQYMlD2L:xpbk+Y8q+W6jS3/GfiYM1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
709a4b60ac44ad9551c4a1292747f3c0_JaffaCakes118

Files

709a4b60ac44ad9551c4a1292747f3c0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6bfb3f0f133503bf4bd32b8a42283304

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset
malloc
free
memcpy
rand

comctl32

ord17

kernel32

CloseHandle
CreateMutexA
CreateEventA
VirtualQuery
GetModuleHandleA
WaitForSingleObject
SetEvent

user32

TranslateAcceleratorA
TranslateMessage
LoadStringA
GetMessageA
PostMessageA
LoadAcceleratorsA
MoveWindow
SetWindowPos
CreateWindowExA
InvalidateRect
GetScrollRange
SetScrollRange
SendMessageA
GetWindowRect
SetTimer
SetWindowTextA
DispatchMessageA
ShowWindow

Exports

Exports

?GetKJglfdjglfd@@YGPAXXZ
?GetKfdsjgld@@YGPAXXZ
?GetKfdskgod@@YGPAXXZ
?GetUfidgldfgd@@YGPAXXZ
?GetWjktfdyfhm@@YGPAXXZ

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ