ba8ff762ee1a111a92017ab0f9a040cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba8ff762ee1a111a92017ab0f9a040cd_JaffaCakes118
Size

384KB
MD5

ba8ff762ee1a111a92017ab0f9a040cd
SHA1

eb5a7d97aa3f5880f0940f20e729ca7fad1c691f
SHA256

55320a2d37c4f22cd8abbc8747a32f71cb853f069f4139c3901c344faa5c15b4
SHA512

c1415e3b92d1b2f9a58b9cb38da7c7d450c61d134c2e9abb92237ca98421c1f7d4cd4f1bd8d5e13984a1a42381f4395b42808a1095b520cb949cf9e9fdac10b0
SSDEEP

6144:ByZlQTkgfSq+Xi8KF6w/f2YkM6laYOc69scDlHy0b+gxMQKZOx7U0m:BLk8j+dhYkvUa69ZlS0b1BKZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba8ff762ee1a111a92017ab0f9a040cd_JaffaCakes118

Files

ba8ff762ee1a111a92017ab0f9a040cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

16c00dab0006d282fa34df1b4290e62b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHRegDuplicateHKey

kernel32

ConvertDefaultLocale
HeapAlloc
GetProcessHeap
HeapFree

user32

SetWinEventHook
GetMessageW
PostMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UnhookWinEvent
GetParent
EndDialog
GetDlgItemTextW
wsprintfW
SetDlgItemTextW
SetFocus
GetDlgItem
GetWindowLongW
SetWindowLongW

winmm

mmioInstallIOProcA

Exports

Exports

ugkc

Sections

.code
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 866B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 332KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ