b92584453c150ed1c8f951647a7e79bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b92584453c150ed1c8f951647a7e79bd_JaffaCakes118
Size

21KB
MD5

b92584453c150ed1c8f951647a7e79bd
SHA1

199c6ed0af4ffaac8a14a3e4c852dc4e57a902ba
SHA256

cf70757868bcfba8a6da484e291b39627c95af1989b7e167c09e79d2a4ece655
SHA512

d475fd97b653d4cdb3b2042c5b36a745f15ff5d93d98d4a5bc47cb0e4b4f1a68f704161e5b4f048fa0427e309e3618e1c2356da01020c6736b9cf90be6dbc40c
SSDEEP

384:1KpR7JfYgQSS+pp1k+Htn1cD/UqCihSlUKbMcVnSW:8WSfnDHjcDMqCihS+KbMISW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b92584453c150ed1c8f951647a7e79bd_JaffaCakes118

Files

b92584453c150ed1c8f951647a7e79bd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8179bd77d7dcfcb0cc3a2dcb74f62da4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CloseHandle
SetFilePointer
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadReadPtr
GetCurrentProcess
Sleep
WideCharToMultiByte
lstrlenW
GetModuleFileNameA
WaitForSingleObject
GetLastError
CreateEventA
SetProcessShutdownParameters
OutputDebugStringA

wininet

InternetOpenA

user32

SendMessageTimeoutA
EnumChildWindows
CharLowerA
GetForegroundWindow
PeekMessageA
GetClassNameA
RegisterWindowMessageA

msvcrt

_strlwr
_stricmp
_adjust_fdiv
_initterm
strrchr
strcmp
free
strcpy
strlen
malloc
memcpy
strstr
strncpy
wcsncpy
memset
sprintf
memcmp
_except_handler3
strcat
__CxxFrameHandler
wcstombs
_mbscmp
_wcsicmp

ole32

CoInitialize
CoUninitialize

oleaut32

VariantClear
SysFreeString

Exports

Exports

M

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ