f57c62d6dfa0861664156f0c8d2a1c97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f57c62d6dfa0861664156f0c8d2a1c97_JaffaCakes118
Size

172KB
MD5

f57c62d6dfa0861664156f0c8d2a1c97
SHA1

2ab901e4287ff46daad075603ad710f60b060bcc
SHA256

10b6c69b58f0f1ad9370021ee1cc8d0565a86d4700901916cda169d190df0d06
SHA512

134346082348d96c884abb4378f5959766594e655cbd7362b46c31891e0e7674aba9888b6eabc90970bec0cf30d2eb369a687a23a689f48c23f70769b1e56c94
SSDEEP

3072:mDHuxp8n6SJSuqb/M3YUU5ZfP5Zdq4wInaL4Sv/H6rRCLJdLaarCgHr:mqx6FAS5EZ5ZmInaMo/ar6PLaaeY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f57c62d6dfa0861664156f0c8d2a1c97_JaffaCakes118

Files

f57c62d6dfa0861664156f0c8d2a1c97_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c7536f237026af5a1ec70ca096ba967c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GlobalAlloc
CopyFileA
EnterCriticalSection
CloseHandle
GetProcAddress
GlobalFree
WaitForSingleObject
InterlockedCompareExchange
OpenEventA

ole32

CoUninitialize

user32

PostMessageA
PeekMessageA
SetTimer

Exports

Exports

kbdHelpext

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ