766afa3661910d92a100407b32bf346f_JaffaCakes118 | Triage

Sharing

General

Target

766afa3661910d92a100407b32bf346f_JaffaCakes118
Size

1.5MB
MD5

766afa3661910d92a100407b32bf346f
SHA1

952de9cd89d1bb54a29b08bb7695895fe322fa56
SHA256

8ee2f605987e0f4ad04dedefa5d830ddf35699b1c706245024ff7a0ef8e5e32f
SHA512

8d10c5e0b23bb5b992d8063f97a9e19de3b779b92a22163f4db975515245f03cca1962eff5b5880e912e89446dfbfee5e6d43b0d098b4de0fd451a3bd48dbe3b
SSDEEP

3072:7yIQN9mo8gaaP3ZoDRKCaaokR2zojjHLyORm+WVW9OmJIWFN:PQvbaEoFjryD0J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
766afa3661910d92a100407b32bf346f_JaffaCakes118

Files

766afa3661910d92a100407b32bf346f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0ced016412b69fc077855930b0e7eae7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetComputerNameA
GetCurrentProcessId
GetCurrentThread
GetDateFormatA
GetLastError
GetLocaleInfoA
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
WaitForSingleObject
FindFirstFileA
FindClose
EnterCriticalSection
CreateThread
CreateIoCompletionPort
CreateFileMappingA
CreateEventA
CloseHandle

advapi32

RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA

user32

AdjustWindowRectEx
AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharNextW
CharUpperBuffA
CheckDlgButton
CopyRect

Exports

Exports

SfcGetFiles

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ