97763d3e1a11b825ce1a5b94bd2c0ba3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97763d3e1a11b825ce1a5b94bd2c0ba3_JaffaCakes118
Size

64KB
MD5

97763d3e1a11b825ce1a5b94bd2c0ba3
SHA1

f8a56f799768ba880418857b281e2f687372a6de
SHA256

ca623b711ceacc8d6848ba5a19ebf075c8d2dc9a60289dc413e31c23b5c77aa4
SHA512

ccf11237509b37763e7de6acda7a5907a5e7446eaf32c2423c8db5e2a687aba741d00986efd091c95b020323cd22448d74f729c908dbe2b82384dc1027965a63
SSDEEP

1536:4CwTMQIUSgYjsuuXel7iHl2tQam6cUWq:FQIUSgSLwelOHLD1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97763d3e1a11b825ce1a5b94bd2c0ba3_JaffaCakes118

Files

97763d3e1a11b825ce1a5b94bd2c0ba3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc98907cd660ff8c75a70bbf5e16bbc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LZInit
VirtualAllocEx
GetProcessHeap
GetCommandLineA
ExitProcess
GetThreadSelectorEntry
GetStringTypeExW
ClearCommBreak
HeapCreate
GetStartupInfoA
GetThreadPriority
FindNextVolumeMountPointA
IsDebuggerPresent
ExitProcess
GetProfileSectionA
DeleteTimerQueueEx
Module32First

user32

LockSetForegroundWindow
DefFrameProcA
ChildWindowFromPointEx
MapDialogRect
PostThreadMessageA
AnimateWindow
GetMessageTime
RegisterWindowMessageW
SetWindowPos
UnregisterClassA
GetWinStationInfo
DlgDirSelectComboBoxExA
BuildReasonArray
LockWindowUpdate
SetWindowsHookExA
GetComboBoxInfo
ShowWindowAsync
MapDialogRect

gdi32

LineTo
StretchBlt
PatBlt
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExA

Exports

Exports

Sxccwoem
EndJxppvplscqb

Sections

.textbbs
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ