a5533daeaa0301aca43dcdd4e702dff1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5533daeaa0301aca43dcdd4e702dff1_JaffaCakes118
Size

64KB
MD5

a5533daeaa0301aca43dcdd4e702dff1
SHA1

9995c857388fea3f09ca02451f749670c553a6c4
SHA256

ed9b5397341ac3285ef1777151d637552661b0b8c24153b6b0deca39f3f25988
SHA512

759b88d7e614018ebecad74fa9a2ac867246bb6de3bec069fdaf611a6b2acbc464c0738306a551dada60dee0c88cb06c5bacb62ae45bd449658dd42b649e05be
SSDEEP

1536:PBcqA6MaIBQO7SAXJ27wWDX37fuQqGrkOllIJU:P+qAbaIBF7/ZdqXLmQRQdJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5533daeaa0301aca43dcdd4e702dff1_JaffaCakes118

Files

a5533daeaa0301aca43dcdd4e702dff1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

de09b77ab879bbff3fc0272afaa041ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFileEx
GetConsoleCP
GetSystemWindowsDirectoryA
VirtualAlloc
GetCommandLineW
GetStdHandle
WriteConsoleOutputA
GetCommandLineA
GetModuleFileNameA
GetCalendarInfoA
ExitProcess
GetPrivateProfileStructA
GetConsoleTitleA
WinExec
_llseek
WriteProcessMemory
GetLogicalDriveStringsA
GetDiskFreeSpaceExA

user32

GetClipboardViewer
FreeDDElParam
GetDlgItem
BroadcastSystemMessageExA
ReasonCodeNeedsComment
DlgDirListA
GetWindowThreadProcessId
CheckRadioButton
ReasonCodeNeedsComment
DeviceEventWorker
GetWindow
IsHungAppWindow
InsertMenuItemA
CharNextExA

ntdll

RtlGetLastWin32Error

tapi32

lineDrop
lineCreateAgentSessionW
lineConfigDialogEdit

Sections

.textbbs
Size: - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ