7763c50b6e57e4c89ecb185bfa961691_JaffaCakes118 | Triage

Sharing

General

Target

7763c50b6e57e4c89ecb185bfa961691_JaffaCakes118
Size

17KB
MD5

7763c50b6e57e4c89ecb185bfa961691
SHA1

3b6b1879edb0f7bbceacb5ef9eeb2a6be9764397
SHA256

83ec937b657053e3f6090d836a02d426c38c48884af6b45c0f764443532b521c
SHA512

77122dcf087f17078d9e681bbce96c6c522cfd673827a941223958f2226686e95f61fcc9fe85f9c5786341da476cf96b287e8302a2a11295e70bcac3e775d081
SSDEEP

384:WwizcUkxY0yc1mbZkj+BIe4kMMBKCl3YwVQKOKlrg:W/zcUiY0XIbZDBxC3CxGKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7763c50b6e57e4c89ecb185bfa961691_JaffaCakes118

Files

7763c50b6e57e4c89ecb185bfa961691_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dd864f3a77720c5105300e9367085adc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
WideCharToMultiByte
CreateEventA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
GetTempPathW
GetProcAddress
GlobalFree
LoadLibraryA
GetModuleHandleA
lstrcatW
CloseHandle
lstrcpyW
lstrcpyA
SetFilePointer
ReadFile
WriteFile
RtlUnwind
CompareStringA
CreateToolhelp32Snapshot
Process32First
lstrcmpA
CreateFileA

user32

DestroyWindow
GetWindowRect
GetFocus
wsprintfA
GetClientRect
SendMessageA
wsprintfW
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
RegisterWindowMessageA

advapi32

RegQueryValueExA
RegCloseKey

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ