Static task: static1
Behavioral task: behavioral1
Sample: 0a2c2e32ac29807da452a5022db4975b_JaffaCakes118.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0a2c2e32ac29807da452a5022db4975b_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: 0a2c2e32ac29807da452a5022db4975b_JaffaCakes118
Size: 115KB
MD5: 0a2c2e32ac29807da452a5022db4975b
SHA1: 661cd8e884b71eb847d2403ac705e41e894a2b06
SHA256: af7759c218ede08b24cbaeca67125d141a48e525deaf634b1e0e7a85b670179f
SHA512: f21b94d1f7d774666b425d513daa777b7c5fbfd18fad701e355a5658f4076f9bd8bcb8141c1c5c1c62c3a14a33dce88fe3f5930c63e397710d8e9098694bede4
SSDEEP: 3072:9FC0PB7FlnuJeUSi+jai8HQ3ZspQtz3A0DzRLJ:9FPP7huyL8wKpGA0P
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0a2c2e32ac29807da452a5022db4975b_JaffaCakes118
Files
0a2c2e32ac29807da452a5022db4975b_JaffaCakes118.dll windows:4 windows x86 arch:x86
c1bb9474222ee542fd4e0ff9404b0775
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
LoadLibraryA
RtlUnwind
SetLastError
lstrcmpA
lstrcpynA
user32
LoadCursorFromFileA
EndPaint
EnableScrollBar
DispatchMessageA
CharPrevA
CreateIconFromResource
advapi32
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyExA
RegLoadKeyA
setupapi
SetupFreeSourceListA
SetupGetInfFileListA
SetupFindNextMatchLineA
Sections
.text Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 73KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ