0244a6dfbbd59f1ef73f8e4c23ac7796_JaffaCakes118 | Triage

Sharing

General

Target

0244a6dfbbd59f1ef73f8e4c23ac7796_JaffaCakes118
Size

247KB
MD5

0244a6dfbbd59f1ef73f8e4c23ac7796
SHA1

90db4b32896a245a7798e54e12088584720819cc
SHA256

a5bf420237e128a50fc976bdf5d188783eac750aa3967777f1e2f734bbbd4d38
SHA512

b8c583291a79e68b135107d865b0f9db1c12e018a370ca774921342f0675fe4c3e8b2928f26295c573bbb82ea7d5e433b4e069f65ed0b8a8cecbe63b3c60832a
SSDEEP

6144:Aj2Luz8JCSe01lOXslT/kr/zxWW7dybL9FFuMlrkV:Ajx8Jle0HksljoFhMP9HuMJkV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0244a6dfbbd59f1ef73f8e4c23ac7796_JaffaCakes118

Files

0244a6dfbbd59f1ef73f8e4c23ac7796_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ec761448d39d831cf9296330d1aa760f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
FileTimeToDosDateTime
VirtualAllocEx

user32

ShowCursor
LoadCursorA
BeginPaint
RegisterClassExW
EndPaint
PostQuitMessage
DefWindowProcA
SetCursor

gdi32

LineTo

advapi32

RegOpenKeyExA

ole32

StgOpenStorageEx

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data3
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data5
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data2
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ