d347d62c3b8403eb69eb4f6f0961a70c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d347d62c3b8403eb69eb4f6f0961a70c_JaffaCakes118
Size

186KB
MD5

d347d62c3b8403eb69eb4f6f0961a70c
SHA1

68b6422740c4cdc4b4c19a5a9e889049401b6104
SHA256

8d0f288ca3c547272516b2da036c9418d6570835d8682dfe8f546e57973e4ae9
SHA512

bfe5c5fbb182a455aed4374c5a961044bb105350804d1ce7ec5cd4c0e884582e1a3cd591f30a716a476501d5b65a962c1872222a32f796f97034e8b6bfe7f263
SSDEEP

3072:q+FS4KdLUHXPOptswNF8G9yJQbzX8gcE:lFS4KNuGptswFDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d347d62c3b8403eb69eb4f6f0961a70c_JaffaCakes118

Files

d347d62c3b8403eb69eb4f6f0961a70c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc3eae38029203ee83d4bcc4e58b359d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnumResourceTypesA
ExitProcess
GetCommandLineA
GetFileSize
GetStartupInfoA
InitializeCriticalSection
LoadResource
RaiseException
RtlUnwind
SetLastError
VirtualFree
lstrlenA

user32

GetWindowTextA
LoadCursorA
OemToCharW
GetFocus
DrawIcon
CreateDialogParamA
CreateDesktopA
CharLowerA

advapi32

RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

Exports

Exports

Iezetuxa
Sitg

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ