a1d4ac3ef0daa0408d4d12c322e75d12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1d4ac3ef0daa0408d4d12c322e75d12_JaffaCakes118
Size

93KB
MD5

a1d4ac3ef0daa0408d4d12c322e75d12
SHA1

6be7ed00ef25aa29b7e19113f64318f37a6a7d1c
SHA256

ea88bd3ab9dee0ae8d2225f5db10948f4827a262247b9671a55d2c104410e79b
SHA512

6b2dd1aefb65cd946b151d44dd4e1b9f7b303e5a513f3b7b0f22e6dcf0525115f9b4c94e5fb6cda943d48fed972185af0a336a0325e40ef617d0c10ff9fe44f0
SSDEEP

1536:NeQlFMOmmmr4Mho43DiKhLFx2CX6Kg0wSivNIi287IscekXQXkyqJ8o8:fVmbr4MhoqiKhLeCX6H0yNIi2FhtACmN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1d4ac3ef0daa0408d4d12c322e75d12_JaffaCakes118

Files

a1d4ac3ef0daa0408d4d12c322e75d12_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5ddb3015fa62d7737fc2c5da9db2e948

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxIndirectA
OffsetRect
LoadAcceleratorsW
SetFocus
ShowCursor
GetWindowTextA
GetCursor
FillRect
EndMenu
EndDeferWindowPos
EnableWindow
EnableScrollBar
DrawIcon
DrawCaption
DestroyWindow
DestroyCursor
DeleteMenu
CreateIconFromResourceEx
CreateIcon
CreateDialogParamA
CreateCursor
BeginPaint
SetCursor
wsprintfA

kernel32

VirtualAlloc
EnumResourceLanguagesW
GetFileSize
GetStartupInfoA
GetSystemTimeAsFileTime
lstrcpynA
lstrcmpiA
lstrcatA
EnumResourceLanguagesA
TlsFree
SetCurrentDirectoryA
RtlUnwind

oleaut32

OleLoadPicturePath
RevokeActiveObject
SafeArrayAllocData
OleIconToCursor
SafeArrayAllocDescriptor

Sections

.text
Size: 25KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ