c932c7cabeec86de1ba2ad0b95587085_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c932c7cabeec86de1ba2ad0b95587085_JaffaCakes118
Size

26KB
MD5

c932c7cabeec86de1ba2ad0b95587085
SHA1

53c495f8879d3b1d5fa05626d598ba7d9734b6ca
SHA256

361280d467ce6a6fccbfbef95c0259a6da9738fe8db255479c675e50d0562d9d
SHA512

256de092cdc0272b541fee336748f298f9c3f93c4ef6e21c91cab35f44f82901b8374c266841edf7e5b307d770be18e9f483a2014dd0b0cdf34caa06bfcaf787
SSDEEP

768:EqvbYe+Yj/XHNko4cNvm+hk0zs04TMoi6:EqDh9bVNvm+hkku26

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c932c7cabeec86de1ba2ad0b95587085_JaffaCakes118

Files

c932c7cabeec86de1ba2ad0b95587085_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ee65ae4a7afa75f041a7cbb4e91d7464

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ChildWindowFromPoint
GetDlgItemTextW
GetKeyboardLayout
OpenClipboard

advapi32

AreAllAccessesGranted
CryptReleaseContext
DeregisterEventSource
GetAclInformation

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
lstrcatW
VirtualProtect

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE