da3b2ec568f403aa42c623db6b8c5ce6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da3b2ec568f403aa42c623db6b8c5ce6_JaffaCakes118
Size

19KB
MD5

da3b2ec568f403aa42c623db6b8c5ce6
SHA1

affd58942329c21775e3bae6d71c4ad9e829cf0a
SHA256

29d0df0b2767c67a5be76c17eb437308492e414e4ca6ab7594c367d0718ce4fd
SHA512

1395c21b5c7430f2d8cdf94fc13bb4bcfcc3b6f171e93dd162bb866125de4af6064f05c201c2a2da04c3d5e4390f4b433dd91b7298606d2668d9ccec690b00c8
SSDEEP

384:Qh8ccxGOepIk+mQnTdM7q9OdNmJr1IPMJ3LVQKOKJ:Y8cqGOK97NqmPMRLGKJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da3b2ec568f403aa42c623db6b8c5ce6_JaffaCakes118

Files

da3b2ec568f403aa42c623db6b8c5ce6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fa3a6b79a374ea309d677acca2c8d2bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
WideCharToMultiByte
CreateEventA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
GetTempPathW
GetProcAddress
GlobalFree
LoadLibraryA
GetModuleHandleA
lstrcatW
ReleaseMutex
CloseHandle
lstrcpyW
lstrcpyA
SetFilePointer
ReadFile
WriteFile
RtlUnwind
CompareStringA
CreateToolhelp32Snapshot
Process32First
lstrcmpA
CreateFileA

user32

DestroyWindow
GetWindowRect
GetFocus
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
wsprintfW
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
BeginPaint

advapi32

RegQueryValueExA
RegCloseKey

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ