Static task
static1
Behavioral task
behavioral1
Sample
0b0d612e9b17009e1b533feb226cbdc5_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0b0d612e9b17009e1b533feb226cbdc5_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
0b0d612e9b17009e1b533feb226cbdc5_JaffaCakes118
Size
86KB
MD5
0b0d612e9b17009e1b533feb226cbdc5
SHA1
4d60e671b62a8e934b02f5aaac8eacaf5b3a1e65
SHA256
e2ae84b1da4d8af16efe669dc6541090da20659363a93c32217b7f3b80134382
SHA512
30f1f50250c183ae3b099f25566c0ad9048d0b2ac511171752382b5c1fb7c5249234cb8ec480a2d5a1d869d70a7ae66d35d7f6b06232361ab51402a38f5025c7
SSDEEP
1536:4EOhk278jkNzkElTHnl4G942PPKnwV5SEB4j6RYP2UTUXc7BFc7jZawrmdlOryKG:bO57CkVLFCG942PPMwV5SEB4eRY1T/Cw
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0b0d612e9b17009e1b533feb226cbdc5_JaffaCakes118
Files
0b0d612e9b17009e1b533feb226cbdc5_JaffaCakes118.dll windows:4 windows x86 arch:x86
ade41503d0f0e0fa417bb104ee00fce9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
SetMenuInfo
LoadMenuA
LoadCursorFromFileA
LoadBitmapA
GetCursor
EndDeferWindowPos
DrawCaption
CreateCursor
CreateAcceleratorTableA
CharUpperA
CharToOemBuffA
kernel32
GetStartupInfoA
GetVersion
EnterCriticalSection
CompareStringA
ReadFile
Sleep
lstrcpynA
lstrcmpA
TlsAlloc
LoadLibraryA
oleaut32
SysFreeString
SysReAllocString
SysStringLen
SafeArrayAllocData
ClearCustData
Sections
.text Size: 16KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 66KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ