7609da0a4fe0be4c89ce9f8d7e48198f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7609da0a4fe0be4c89ce9f8d7e48198f_JaffaCakes118
Size

161KB
MD5

7609da0a4fe0be4c89ce9f8d7e48198f
SHA1

4c190513782de7fe84b38d85b2ebbebcf1fb6a97
SHA256

c41437daee7ce9fe249bce7e414ee2820d60e8b737127501c4c1710fb37e9a53
SHA512

7a751eb5fadf895f838833c668f8e984bbdd6d2234f7654dda722426573eb4ba96211101ef896ee7086b5f49eec00e0efecf7bef6d4341df5bc36d49c07a8280
SSDEEP

3072:bBVX/oE2y/JoLht8acLfVU+usFNqPUJBcmCXpywqZfyUutKl:/wEh+LgRLfq+u2kPmaCW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7609da0a4fe0be4c89ce9f8d7e48198f_JaffaCakes118

Files

7609da0a4fe0be4c89ce9f8d7e48198f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ea10d513ce191065b6084ec4d8c41f3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
CreateProcessA
DeleteCriticalSection
ExitProcess
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThread
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcessHeap
GetStartupInfoA
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
MulDiv
MultiByteToWideChar
ResetEvent
RtlUnwind
SetErrorMode
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter

user32

CreateMenu
FillRect
CheckMenuItem
RemoveMenu
ScrollWindowEx
GetScrollInfo
CheckRadioButton
BeginDeferWindowPos

comdlg32

ReplaceTextA

Exports

Exports

UpdateFromAppChange
W32N_MakeNdisRequest

Sections

.text
Size: 100KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ