770e72552999d717b5cbe4c026c6e9ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

770e72552999d717b5cbe4c026c6e9ee_JaffaCakes118
Size

215KB
MD5

770e72552999d717b5cbe4c026c6e9ee
SHA1

d6ec5ed5c0ca898db25dd2633b3ceae50b6660d6
SHA256

e10ab5ef318b6dd4dc4fe666f30c1db0ce76ee776916355c2dfd59aeeffac3fb
SHA512

a7bc8b48a0081922ffcf6ccff4b68316d83a4f89e604fbe3309def8ce3dc117d6270fed72d69eca755fa1829cff5bb0f20f4ba2e38f28b25759386dea833faac
SSDEEP

6144:7h4ptBzLHPuBbccNsA7bSk7CSIwKCF8kqTsZg4:7hYXzzPub5KKbSk7Cw/mlTkB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
770e72552999d717b5cbe4c026c6e9ee_JaffaCakes118

Files

770e72552999d717b5cbe4c026c6e9ee_JaffaCakes118
.dll windows:4 windows x86 arch:x86

095172e783427c1a2072d5926f867e01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TranslateMessage
RegisterClassExA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
DispatchMessageA
DefWindowProcA
CreateDialogParamA

kernel32

lstrcpyA
lstrcatA
WriteProcessMemory
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetCurrentProcess
CreateThread
ExitProcess
ExitThread

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 723B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 405B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE