d26d67e658ee4051e162ac0522cb70ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d26d67e658ee4051e162ac0522cb70ae_JaffaCakes118
Size

19KB
MD5

d26d67e658ee4051e162ac0522cb70ae
SHA1

f6c774045fe5193f94f08c0ddceced2ff20a9088
SHA256

6844899e51fc09493bb41df296fecb929bc2db38c341ff8484265cae6e70f1f5
SHA512

aada86c4f07546e655b07a7a2be759e8a47c4c825658f7cd48388b76edc99e241a63db4e2c74eb1963082f262fc680c52168385f79511202148fc59a8eef350a
SSDEEP

384:SW+kc6xFkg/ofqPoKnN1PZ9JPKN7Jw70MOmE4NjVQKOKJg:ykccFk+r+20MGsGKJg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d26d67e658ee4051e162ac0522cb70ae_JaffaCakes118

Files

d26d67e658ee4051e162ac0522cb70ae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

80dd3caef106692eab0155f85027c656

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
CreateEventA
GetFileAttributesA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
ResetEvent
GetModuleHandleA
CloseHandle
lstrcpyA
lstrcpynA
RtlUnwind
SetFilePointer
lstrcmpA
CreateFileA

user32

DestroyWindow
GetWindowRect
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
GetFocus

advapi32

RegQueryValueExA
RegCloseKey
RegLoadKeyW

wininet

InternetConnectA

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ