db395fe3d8f3035df680dbf7c87dd874_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db395fe3d8f3035df680dbf7c87dd874_JaffaCakes118
Size

88KB
MD5

db395fe3d8f3035df680dbf7c87dd874
SHA1

0c79bc41571aa22b3f3dd1f618081151824dd0b5
SHA256

69375a4d736fab56ee9a8e4b85e562512c0c93f5b1dd1e8de3429e16a80cb504
SHA512

eee1b97cd2a1771df2f0d5aceb807e09cfc236639b02a0fb901d4549a03a1bfe7bed8bb256a98a6be9b3baf3d409fdd0adb92e3e5a29494bbf5b9a060660ac05
SSDEEP

1536:M6h/u6olBT/aAsv8I8TfwSYBdsHydGjIwDNLK3JL40Gv3Nw6woOVNgg0j:M6h/uvT/R2OfwSGd029wyk0GPNHtq2gu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db395fe3d8f3035df680dbf7c87dd874_JaffaCakes118

Files

db395fe3d8f3035df680dbf7c87dd874_JaffaCakes118
.dll windows:4 windows x86 arch:x86

deca374f49a292ee9a9effab8523edc9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CreateIconFromResource
CreateIconFromResourceEx
CreateMenu
DestroyMenu
CreateDialogIndirectParamA
DrawTextA
EndDeferWindowPos
EndMenu
EqualRect
CreateDesktopA
CopyRect
CopyImage
CharUpperBuffA
CharToOemBuffA
CharToOemA
CharNextA
ChangeMenuA
DrawStateA
ActivateKeyboardLayout

kernel32

lstrcpynA
lstrcatA
VirtualAlloc
ReadFile
GetLastError
GetCommandLineA
ExitThread
EnumResourceTypesA
lstrlenA

Sections

.text
Size: 22KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ