Static task: static1
Behavioral task: behavioral1
Sample: be617b7d66ea3f424197b85913d755ac_JaffaCakes118.dll
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: be617b7d66ea3f424197b85913d755ac_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: be617b7d66ea3f424197b85913d755ac_JaffaCakes118
Size: 15KB
MD5: be617b7d66ea3f424197b85913d755ac
SHA1: ac367d2b98f11f930750e046f6ce10a9fa223652
SHA256: d19e472fc210e2cad9390cad88c4cd949d8d5b60b9f874383d2bede6de5060eb
SHA512: bf2efbcf50bfa65d764b0e8ed9d45bb84fcb5e26ffde7c5195dc7af815c874e77b453895f3b01a920de4de2e028605211fe0b74693ae519261dbeab0fa6f03ad
SSDEEP: 384:zbKXrQklJ1ye2rf+14IqNdSBmdsQhNq3gKF:ysklJ1E+8SBmP23g
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource be617b7d66ea3f424197b85913d755ac_JaffaCakes118
Files
be617b7d66ea3f424197b85913d755ac_JaffaCakes118.dll windows:4 windows x86 arch:x86
74d6553bb793044e5cb5f7eaed670bd3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcat
InterlockedExchangeAdd
lstrcmpiA
SetEnvironmentVariableA
GetProcessHeap
CancelWaitableTimer
CreateWaitableTimerA
GetModuleHandleW
ExpandEnvironmentStringsW
CreateMutexW
VirtualLock
LoadResource
MulDiv
DeleteCriticalSection
VirtualUnlock
SetEvent
user32
SetRect
DrawTextA
FillRect
SendDlgItemMessageA
ReleaseDC
wsprintfA
GetDlgItem
GetCursor
gdi32
ChoosePixelFormat
GdiGetLocalFont
BRUSHOBJ_pvAllocRbrush
ColorCorrectPalette
CreateRectRgn
GdiConvertBrush
CreatePen
DrawEscape
UpdateColors
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 844B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 102B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ