085d83ad4faff2f924be6130360e59f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

085d83ad4faff2f924be6130360e59f3_JaffaCakes118
Size

15KB
MD5

085d83ad4faff2f924be6130360e59f3
SHA1

8d05c38e44e9f19f39886090f4c070389e7f49d2
SHA256

f1a48ec7e84152c501943aa1823dae73410551d2ab2393752e7b981a71f85713
SHA512

4aecca3917444480654863fc345f7810c00ae11627b7fdf725857b25b29670eb6fa8ebb7decce47dd16f6c52634dc668537b86ecafa7f44bf2b40e18f934c772
SSDEEP

192:BA3NuJjJ5mUW2g7weOOLDfl/3Hlm4CJZsX/MpXBClOjenPUNVt40qzm4pMZrz:Sy+ZRvfl/FSsXkelxPUDt41tWZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
085d83ad4faff2f924be6130360e59f3_JaffaCakes118

Files

085d83ad4faff2f924be6130360e59f3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

635d80c19451ba0c03108299c1d5cd44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
EnterCriticalSection
FormatMessageA
GetCommandLineA
GetCurrentThread
GetDateFormatA
GetEnvironmentVariableA
GetFileSize
GetProcAddress
GetProfileStringA
GetTickCount
GetVersionExW
GlobalAlloc
IsBadReadPtr
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalReAlloc
LocalSize
MapViewOfFile
ReadFile
ResumeThread
Sleep
VirtualAlloc
WaitForSingleObject
lstrcmpA
lstrcmpiA
lstrlenA

user32

wsprintfA
BeginPaint
CallWindowProcW
CharNextA
DeleteMenu
EndDialog
EndPaint
GetClassInfoExW
GetCursorPos
GetDlgItem
GetFocus
GetKeyState
GetSystemMetrics
GetWindowRect
IsWindow
LoadCursorW
LoadMenuW
PaintDesktop
SendDlgItemMessageW
SetCapture
SetRect
SetTimer
SubtractRect
UnregisterHotKey

Exports

Exports

SfcGetFiles

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ