7554ef3ffe84a59dc06993c1c0ef3808_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7554ef3ffe84a59dc06993c1c0ef3808_JaffaCakes118
Size

152KB
MD5

7554ef3ffe84a59dc06993c1c0ef3808
SHA1

df71f1193a00e393832165688ac43758a2e36ea0
SHA256

dc5b5cb50276bc8746deb3d6fcad839f7c161ff8ab9b322a067d8a20844f43c1
SHA512

9bdd584aa3d7ac8957da7de2c7423c40ef3deecf76b9247d8af58503680409d2d56839fe8d67f9b82262ff35c6cbc705df29d5c6afa95a65e9f3c45205789091
SSDEEP

3072:y8//DEwu+zZNRq3JTctRGtbx3jEl4tS6dFMEe1SxcjJazq34W3YmIDlN:DjzPyJTWqFDdFlKVazq34W3Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7554ef3ffe84a59dc06993c1c0ef3808_JaffaCakes118

Files

7554ef3ffe84a59dc06993c1c0ef3808_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2622876c48c17c1aca2a16652e3a51be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\plAujoipbqIj\nsfXDGokf\MzpitwjKA\gQWFIuKbmmoi\TgHioTfnmsgeI.pdb

Imports

shlwapi

StrRChrA

user32

GetIconInfo
CallWindowProcA
GetUserObjectInformationW
CreateDialogParamW
wsprintfA
GetClientRect

gdi32

GetTextMetricsA
SetBitmapBits
GetDIBits
ScaleViewportExtEx
DeleteDC
RemoveFontResourceW

kernel32

GetModuleFileNameA
DeleteFileW
LoadLibraryW
FindCloseChangeNotification
IsValidLanguageGroup
CreateDirectoryA
GetModuleHandleA

msvcrt

_controlfp
fclose
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
atoi
__setusermatherr
__getmainargs

Exports

Exports

H99|U
?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE