84db567fd6209c6c27de6b710b3b1d74_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84db567fd6209c6c27de6b710b3b1d74_JaffaCakes118
Size

1.5MB
MD5

84db567fd6209c6c27de6b710b3b1d74
SHA1

8d101721563e48c00389bea55416a25ed4f41fd2
SHA256

1bed007ab21227149011caad53c7071dd36cb4ce492698da4a458037b25583c9
SHA512

8da8860e7e855ebe2f6007a1d550f438b5d0cb59a331ae5c5cc54eaf70fb772f9e99bed3e0863dd430d087f531264b4bf44175f3237018f4d39e546c760a7886
SSDEEP

3072:C07J9mo8gaaP3ZoDRKCaaokR2zojjHLyORm+WVW9OmJIWFN:C0XbaEoFjryD0J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84db567fd6209c6c27de6b710b3b1d74_JaffaCakes118

Files

84db567fd6209c6c27de6b710b3b1d74_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b8ee62de34187a9540a8f8bce5a7e54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
GetCurrentProcess
GetFileSize
GetLastError
GetProcAddress
GetTickCount
GetTimeFormatA
GetVersionExW
GetWindowsDirectoryA
GlobalAlloc
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalSize
MulDiv
ReadFile
SetErrorMode
Sleep
VirtualAlloc
WaitForSingleObject
WideCharToMultiByte
lstrcatA
lstrcmpA
lstrcpynA
lstrlenA

user32

DestroyWindow
DispatchMessageW
DrawEdge
ExitWindowsEx
GetDC
GetMenuDefaultItem
GetMenuItemInfoW
GetWindowThreadProcessId
InflateRect
InvalidateRect
IsRectEmpty
IsWindowEnabled
RemoveMenu
SetFocus
SetScrollPos
SystemParametersInfoW
TrackPopupMenuEx

Exports

Exports

SfcGetFiles

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ