74d41ea9390c938df3dabc439e860027_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74d41ea9390c938df3dabc439e860027_JaffaCakes118
Size

52KB
MD5

74d41ea9390c938df3dabc439e860027
SHA1

20ba5c1e46aa1385b44340f885ccbe8841f0c61e
SHA256

52a86ef665273e1e70ee9a9cc8fcb3319a77c515b160bc63fa5bde597da9d743
SHA512

e289238223c77173c4d1a2c180a258b6b239a75f25e878bf4db0f1b11671c923fd370e09a10a61144cde3293707187cdce84f56c04eb32835e5fc22ae9b7b88d
SSDEEP

768:MORd75+cxIUfy5ozbEoOEqiuY7WHq2ueR0AUi/MJrXLLH5dDLdB+/Fd8Poh35rLu:L5+cxxy5IEQLWK7eD/mXfDBQ4Hbp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d41ea9390c938df3dabc439e860027_JaffaCakes118

Files

74d41ea9390c938df3dabc439e860027_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c499feb2f15d67efd0653cce5afee95a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
ExitThread
FlushFileBuffers
GetACP
GetCommandLineA
GetCommandLineW
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentThreadId
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LeaveCriticalSection
MultiByteToWideChar
PulseEvent
RtlUnwind
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
TlsSetValue
lstrcmpA
lstrcpynA
lstrlenA

user32

IntersectRect
OffsetRect
ExitWindowsEx
SendMessageTimeoutA
CheckMenuRadioItem
EnumWindows
EnableMenuItem
DeferWindowPos
PostMessageA

ole32

CoCreateGuid
CoTaskMemAlloc
CoFileTimeNow
CoCreateInstance

winmm

joyGetPosEx
joyGetThreshold
sndPlaySoundA
timeGetTime
joyGetNumDevs

Sections

.text
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ