Static task
static1
Behavioral task
behavioral1
Sample
fb86d9c2784f69992c6387c2682a74f5_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fb86d9c2784f69992c6387c2682a74f5_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: fb86d9c2784f69992c6387c2682a74f5_JaffaCakes118
Size: 89KB
MD5: fb86d9c2784f69992c6387c2682a74f5
SHA1: a417fbd9f8ba0f16f54829206da9a5c53f41fb07
SHA256: 42c1d619875a618588eb6efbf51829d1a79ae56e79347a9f7b56d397241d8b9e
SHA512: 881030c2c18159927cd0290c14fff0f1e8d918249d50bfc355a31d2c2a021b6d096cc27cac187654cb4df511b7fc02fd659614ba9b4dba0e6298f665ba7b434d
SSDEEP: 1536:aQWOZdRf5wxnDRO0lvkY7KGeq9VOEqVIQpq/fPZBInwQbRUekh3u:JWWwRRRvjKGeuVOEqVI/PZCjRUeK3u
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fb86d9c2784f69992c6387c2682a74f5_JaffaCakes118
Files
fb86d9c2784f69992c6387c2682a74f5_JaffaCakes118.dll windows:4 windows x86 arch:x86
0380a00e9a00ffdc03a97c8241595930
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
ToAscii
FillRect
kernel32
LoadLibraryW
SetHandleCount
ExitProcess
FreeEnvironmentStringsW
GetACP
GetEnvironmentStringsA
GetTimeZoneInformation
GetUserDefaultLCID
LocalFree
advapi32
RegSetValueExW
RegCloseKey
comdlg32
GetOpenFileNameW
GetFileTitleW
Sections
.code Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ