Static task
static1
Behavioral task
behavioral1
Sample
af43f5e3141f3b8ed6742fcebee7e0e2_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
af43f5e3141f3b8ed6742fcebee7e0e2_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: af43f5e3141f3b8ed6742fcebee7e0e2_JaffaCakes118
Size: 40KB
MD5: af43f5e3141f3b8ed6742fcebee7e0e2
SHA1: b171d9c2fd49c9a6ab11c12947af2ac0f6a7277d
SHA256: a4205aafdcbeabb78ce937b772015d7da8c7c6cf228786bc92a85ae2e7103668
SHA512: 25dcdb17875627e3c93cc5028444a93c465a9cf712872c899ca13bf3ca4ce221dc0b7f727a4890e37c795a3eced4aaef3bfcc101518af727c9a10170159f1cb6
SSDEEP: 768:ykFIv7ja/cLLogG2Q970gEu49aIAjEnTh28i0Hw6A6A8:yP4d2QnU6ET60Hwf6A8
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource af43f5e3141f3b8ed6742fcebee7e0e2_JaffaCakes118
Files
-
af43f5e3141f3b8ed6742fcebee7e0e2_JaffaCakes118.dll windows:4 windows x86 arch:x86
342e9dbaf86e88f4cdc1cff3f8d9fb99
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
OemToCharBuffA
MessageBoxA
MessageBeep
LoadCursorFromFileA
LoadCursorA
EndPaint
EndDialog
EmptyClipboard
DrawTextA
DestroyCursor
CreateIconFromResourceEx
CreateDesktopA
CopyRect
CharToOemBuffA
CharNextA
ActivateKeyboardLayout
kernel32
lstrcmpiA
ReadFile
MapViewOfFile
InitializeCriticalSection
GetVersionExA
GetSystemTimeAsFileTime
GetStartupInfoA
GetModuleHandleA
ExitProcess
EnumResourceTypesA
EnumResourceLanguagesA
CloseHandle
advapi32
RegQueryValueA
RegOpenKeyExA
RegCloseKey
Sections
.text Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ