dfe911db0ddcf1aaf33fcd9eb9743fa3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfe911db0ddcf1aaf33fcd9eb9743fa3_JaffaCakes118
Size

75KB
MD5

dfe911db0ddcf1aaf33fcd9eb9743fa3
SHA1

50ba1955d4db0a3dcfead8abc59fab1b63a9754e
SHA256

5f305cece4da94a348cc7cb75f976898c1ae25a01b0cee40b5904fa5ea649cee
SHA512

b984700015237bbbc1295efd44beffe340e4ca1660af915b54d99232141e04d62bb1cda7d95b5c5d99266bc38cb47faaf32059387a6613792d46a59ae091a0db
SSDEEP

1536:8kuB7n7YRrXPiD0mDOIiHi84h3PyT9K/DFaelwNBeozTtad4Y+n:UkJPiDUIiHi/c9oHkeozpnYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfe911db0ddcf1aaf33fcd9eb9743fa3_JaffaCakes118

Files

dfe911db0ddcf1aaf33fcd9eb9743fa3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

4008c09cc623aaae96d7428af7471654

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WritePrivateProfileSectionA
GetStartupInfoA
VirtualAlloc
GetModuleHandleA
LoadModule
GetCommandLineA

gdi32

RemoveFontResourceA

user32

GetWindowTextA
DragDetect
LoadCursorA
LoadBitmapA

Exports

Exports

AddCapervq
WriteAhrfcvp
Cjmqyrqbfs

Sections

.text
Size: 72KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ