de9e8d7db438aed6db57fa65a4c980d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de9e8d7db438aed6db57fa65a4c980d7_JaffaCakes118
Size

186KB
MD5

de9e8d7db438aed6db57fa65a4c980d7
SHA1

7e05cdf96cbaab7ff4effa710950d563df84c845
SHA256

c6b0226fcd7be9790ec473cd71e4d3b149a4af85cd1411503dc5dd9c6df831eb
SHA512

7bfc445ab85d6de661c6f31f7773277d5af030cca04a00540000503222daacaf37fb660dbb7f2fa01da0d6ba99c7f0aa125e28d4178d719bb70c220247afd1f2
SSDEEP

3072:q+FS4KdLUHXPOptswNF8G9yJQbzX8gcE:lFS4KNuGptswFDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de9e8d7db438aed6db57fa65a4c980d7_JaffaCakes118

Files

de9e8d7db438aed6db57fa65a4c980d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc3eae38029203ee83d4bcc4e58b359d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnumResourceTypesA
ExitProcess
GetCommandLineA
GetFileSize
GetStartupInfoA
InitializeCriticalSection
LoadResource
RaiseException
RtlUnwind
SetLastError
VirtualFree
lstrlenA

user32

GetWindowTextA
LoadCursorA
OemToCharW
GetFocus
DrawIcon
CreateDialogParamA
CreateDesktopA
CharLowerA

advapi32

RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

Exports

Exports

Iezetuxa
Sitg

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ