de76f1b0140538e66e05e2e60d52cb99_JaffaCakes118 | Triage

Sharing

General

Target

de76f1b0140538e66e05e2e60d52cb99_JaffaCakes118
Size

6KB
MD5

de76f1b0140538e66e05e2e60d52cb99
SHA1

f34b2d4e86da4180308abdaf2a43afd7447d00d8
SHA256

97fb1cee6bec784009df80bc3a5e8ea8e75de04ba8f1d84bdc8e60612f147552
SHA512

33bd1d32b4e419633aba43f508f51a3616ef80518611b37587ca9eb41fe4b3dc914173d506006d90ae80fd6b77ced6fca11930e066539244d30475fa42e81d6e
SSDEEP

96:LTmzFZhI0w8coUrnP9kwl7ynmY0mRuTmlHUW65s4BLhh5wqwfrPDo3vT:LTYIHrnP9kZ0mFxFMLhhKq4PoL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de76f1b0140538e66e05e2e60d52cb99_JaffaCakes118

Files

de76f1b0140538e66e05e2e60d52cb99_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a1fd2cb02ade3a44f53b01f17183b54d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
MessageBeep
GetForegroundWindow
GetClassNameA
wsprintfA
FindWindowExA

kernel32

CloseHandle
CompareStringA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
GetModuleFileNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemTime
GetTickCount
GetWindowsDirectoryA
LocalAlloc
LocalFree
ReadFile
Sleep
SystemTimeToFileTime
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
SetFilePointer

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA

wininet

FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA

urlmon

URLDownloadToFileA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ