Static task
static1
Behavioral task
behavioral1
Sample
c1b76c94689f03f5e6239e64390a4094_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c1b76c94689f03f5e6239e64390a4094_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: c1b76c94689f03f5e6239e64390a4094_JaffaCakes118
Size: 92KB
MD5: c1b76c94689f03f5e6239e64390a4094
SHA1: 4996cebaf33b50f87b1dbd9c534ca89b54822dd0
SHA256: 6602e1005136b077526106a66af930d001829beb6548c4fd5672c2ec32e542b7
SHA512: e3503b14d22ccdeef77de33c96c8df956617d854480c826905dc96302ec50e20e8bb011c2466d25a6c693bab7b8cee660124293975abbc2b1750f7f4f1a41a49
SSDEEP: 1536:FM+7VgCEebpeGTc1AvrhBGEQIJHoXSO6LNhgi01ml9fSpRw8knJdUp:O+5gCz1eGNHGEQcHWT6LNOi0g9W28knY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c1b76c94689f03f5e6239e64390a4094_JaffaCakes118
Files
c1b76c94689f03f5e6239e64390a4094_JaffaCakes118.dll windows:4 windows x86 arch:x86
dd48eeba951a4dce630cff001c93e486
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
OemToCharBuffA
GetDlgItem
DispatchMessageA
DestroyIcon
CharUpperA
kernel32
SetEndOfFile
lstrcpynA
lstrcpyA
VirtualFree
VirtualAlloc
UnmapViewOfFile
CloseHandle
EnumResourceLanguagesA
EnumResourceLanguagesW
ExitProcess
GetModuleHandleA
GetSystemTime
GetSystemTimeAsFileTime
GetTimeFormatA
LoadLibraryA
LoadResource
OpenFileMappingA
ReadFile
RtlUnwind
SleepEx
Sleep
oleaut32
SafeArrayCreate
SafeArrayDestroy
SysFreeString
SysReAllocString
SafeArrayAllocDescriptor
OleIconToCursor
OleLoadPicturePath
RegisterTypeLib
RevokeActiveObject
Sections
.text Size: 19KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 69KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ