0a7be8412a3066cbaad9abc9cd3de180_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a7be8412a3066cbaad9abc9cd3de180_JaffaCakes118
Size

276KB
MD5

0a7be8412a3066cbaad9abc9cd3de180
SHA1

8a56308bbeec6e31c400cd2fd1cb0e8bced10c76
SHA256

db312b3124db3cd37addbca5d865bdabbc91cd692a03ebe249c77234dd451a14
SHA512

58fcf31de64a74e315875e5721b4d5bc5213de3de7e4a5ed7555e4526a1e7e1dee259c2221a2459e853f48e2b1b996d2e762b61f4b270d99a7e34e6bda062cd3
SSDEEP

6144:KA8lXEed2JwwdH3qqYk+g/+NIcxCqfEX+MuAvxEcWo1LvzxkKwyXSoH:KA89Tde33Lv+NLYqfEuMuAasZAeSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7be8412a3066cbaad9abc9cd3de180_JaffaCakes118

Files

0a7be8412a3066cbaad9abc9cd3de180_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9b6072cd41de5bdb79ee2210b80a30f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DrawTextA
DrawStateA
DialogBoxParamA
DestroyMenu
DeleteMenu
CreateIconFromResourceEx
CreateIcon
CreateDialogIndirectParamA
CreateAcceleratorTableA
CloseWindow
CharToOemBuffA
CharPrevA
EndDialog
ActivateKeyboardLayout

kernel32

lstrcatA
SetLastError
MapViewOfFile
LoadResource
GetVersionExA
GetTimeFormatA
GetLocalTime
EnumResourceNamesA
CompareStringA
CloseHandle
lstrlenA

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
PealLogoff
RealLogon
Setup

Sections

.text
Size: 1024B - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 267KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data0
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ