95415c67ac21e469de397d72adc00078_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95415c67ac21e469de397d72adc00078_JaffaCakes118
Size

34KB
MD5

95415c67ac21e469de397d72adc00078
SHA1

77e9199f5d568b7fcca3e6d5a91de06c8b7698d5
SHA256

ab8681cd09651433799f8b26ea8d4c4f3de471da8ea3012e3ef6e2f6f389ba07
SHA512

971f55f00cf38dc4cc43ec6afe3b784b63e811f69c9bc01a338a6499d6ec17152794d76d390a65770130d40f75b1a908fbae47b3e6a10aa630cc5ffd113d762c
SSDEEP

384:eLboq+cKKvIYk3e/3EoIffYfLHE10X2Q9qCrbY25RwHduIM:VhKvGe/35IelICrbv5XI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95415c67ac21e469de397d72adc00078_JaffaCakes118

Files

95415c67ac21e469de397d72adc00078_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1a0a2c30a35848dd881967e4a6912340

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SleepEx
GetTickCount
GetACP
GetModuleHandleW
MultiByteToWideChar
WaitForSingleObject
VirtualAllocEx
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetCurrentProcessId

user32

GetDC
LockWindowStation
GetMessageW
GetWindowRect
DefWindowProcW
CreateWindowExW

gdi32

GetDeviceCaps
BitBlt
DeleteObject

Exports

Exports

MLVZI
ZDUICEL
GFTXHdYnSLhPNQ
yMNFXpRbgEFuuHW
iNVQZsRFjRIN

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ