00efc5f0a5917af065bed0c997726a58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00efc5f0a5917af065bed0c997726a58_JaffaCakes118
Size

64KB
MD5

00efc5f0a5917af065bed0c997726a58
SHA1

667722b3716756973c81e388e4a9c060bbfe726e
SHA256

d2732821fd9a8bd536e8e77f42aaeaf783e2bea450bbd7735f6f49bff1c33bc2
SHA512

681f5a66af8aac9040dc22d869a3c2701da48c10a454e219a916a0e5337dc0c0204472053e482b8a079f6e137703676f68a7a62ca5e69ab4354ca686aa5d0e54
SSDEEP

1536:CuaNFLxcRwOpxVnR4A/z32xI4n2wGjpjNU222/TKq04w:CuILmRwQxr4Jn2HNU2TT10n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00efc5f0a5917af065bed0c997726a58_JaffaCakes118

Files

00efc5f0a5917af065bed0c997726a58_JaffaCakes118
.dll windows:4 windows x86 arch:x86

96df26878193c319b092a97a385bedac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EmptyClipboard
DrawTextA
DrawMenuBar
DispatchMessageA
DestroyIcon
DestroyCaret
CreatePopupMenu
CreateIconFromResource
CreateDialogIndirectParamA
CopyImage
CloseWindow
CharUpperA
CharNextA
CharLowerA
EnableScrollBar
ChangeMenuA

kernel32

lstrcmpA
WriteFile
TlsFree
SleepEx
SetLastError
SetEndOfFile
RtlUnwind
OpenFile
LoadResource
LeaveCriticalSection
GetTimeFormatA
FreeResource
CloseHandle
lstrlenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
a

Sections

.text
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data0
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ