e161979a249b52933522a90c03621bc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e161979a249b52933522a90c03621bc3_JaffaCakes118
Size

174KB
MD5

e161979a249b52933522a90c03621bc3
SHA1

78072ee75a4653a13434b77b6390f08d95923da7
SHA256

09c7c094dae83bb9ffb48e05b4a4ecb65568ccb44dd5e8ad75770a6f87a0f25c
SHA512

947bbeb15cd28bb0d874e08ce2e51cf693b1ec18f4914613119f64419083cf38c0bcdd0a2df1457f081b44219487444178d995c70877ed76a84782c5aa77222c
SSDEEP

1536:91moQj+PGsGxPe7iGZQAbPVkbMeWCkglT/BpnayY896GWdLkAWWZz5f/lGuDXsRk:jmoQjEiGZZLgJnG8dWxlbsqsRFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e161979a249b52933522a90c03621bc3_JaffaCakes118

Files

e161979a249b52933522a90c03621bc3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6ce08f606b877dc5926bfa2be921535

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
InitializeCriticalSection
LoadLibraryA
MapViewOfFile
OpenFileMappingA
RtlUnwind
SetLastError
TlsAlloc
lstrcmpiA
lstrcpynA
lstrlenA

user32

MessageBeep
EndPaint
DrawMenuBar
CreateCursor

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA

Exports

Exports

Bcmqbwlb
Llreutiaed
Tdikb

Sections

.text
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ