a3000db1b9153aa40e9de655866e6b58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3000db1b9153aa40e9de655866e6b58_JaffaCakes118
Size

24KB
MD5

a3000db1b9153aa40e9de655866e6b58
SHA1

f1b82a4af90d5defdcc079acb4a0a63e1f047e4a
SHA256

159ba026199df2471cf2d211e03f426b4a477b62b27f52feca72a065b7dd93c6
SHA512

1402eb8f39920b9a56764f42ff30bdeb601c864ff4815e83a745a3dcbcf1165c2801020fbbe79ccd890ab4f82a8ecf761879492e9e51fdf4ce6b6e6ccb380d2e
SSDEEP

192:mQqKfH6SU0SMQ9uXkZA0lmq4c4LzcwOAVxqyb7v:6MH6SUeQ9K0lmN7fD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3000db1b9153aa40e9de655866e6b58_JaffaCakes118

Files

a3000db1b9153aa40e9de655866e6b58_JaffaCakes118
.dll windows:4 windows x86 arch:x86

85c4728e6bef6fe6345c922b21cf6f01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateThread
WaitForSingleObject
CreateThread
HeapFree
Sleep
GetProcessHeap
HeapAlloc

user32

SystemParametersInfoA
DrawTextA
GetDC
GetSystemMetrics
PeekMessageA
ReleaseDC
EnableWindow
GetDesktopWindow
ShowCursor
ClipCursor
RegisterHotKey
EndDialog
UnregisterHotKey
IsWindow
SendMessageA
TranslateMessage
SetWindowTextA
SetWindowPos
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
OffsetRect
ClientToScreen
GetClientRect
CloseWindow
IsWindowVisible
IsWindowEnabled
GetClassNameA
GetWindowTextA
DispatchMessageA
wvsprintfA
ShowWindow
GetWindow

gdi32

PatBlt
SetBkColor
SetTextColor

Exports

Exports

InstallPlugin
PluginVersion
TerminatePlugin

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ