a43ca677d6f6f4f49e20944fff6bc5a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a43ca677d6f6f4f49e20944fff6bc5a6_JaffaCakes118
Size

188KB
MD5

a43ca677d6f6f4f49e20944fff6bc5a6
SHA1

31589a53d0c061ce4cafc9e496494418e1eb6701
SHA256

59c6fa3814fd990377e50e9e7c8444de82b776e5f3837fa75ec83f2d6730b716
SHA512

0e90135b9aad5e8530f2da0d656591c0de54d72686f20e6bc8a98334d44f8917263581350f38102d091781035a33f22f0830307336fd59f38041b3463e1f4ab2
SSDEEP

3072:+sHaqRWHDk8R0uzGs8FDrn6PPSszPYvbjVmRDVrWF631xyHa+TayXR1E78LLbG:+seNqNs8FDr6XS4PWmuF631CnagxL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a43ca677d6f6f4f49e20944fff6bc5a6_JaffaCakes118

Files

a43ca677d6f6f4f49e20944fff6bc5a6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f9b94a79e497c5466dd5cbe4f46581e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc42

ord4627

msvcrt

_snprintf

user32

EnableWindow

gdi32

GetObjectA

shell32

SHGetMalloc

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z

Exports

Exports

Config_Init
Config_MoveWindow
Config_Refush
Config_SetCallback
Config_UnInit
Config_languageInit

Sections

.text
Size: 176KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE