0d0d116cbee88137cd2b19ba49c7d108_JaffaCakes118 | Triage

Sharing

General

Target

0d0d116cbee88137cd2b19ba49c7d108_JaffaCakes118
Size

164KB
MD5

0d0d116cbee88137cd2b19ba49c7d108
SHA1

ffcb7a0b73c7d0480456ad6e7977f58bd54cb09c
SHA256

ee269ea89eac84bcfc27649c58826b2997e8eea02327a92201e758cecfbc6dac
SHA512

8f4b2df7229b2a6cbfc69f502c77f06707434bbf8b6af7a0d06f6af392dc73e17ce279aa8b0232f6dd4eec212cff9669986b38688b189cf4bac787fa4f007183
SSDEEP

3072:xmw3qDmVyRX7hF4Nmaj1NtiA3QBujEajy:YSVVycLY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d0d116cbee88137cd2b19ba49c7d108_JaffaCakes118

Files

0d0d116cbee88137cd2b19ba49c7d108_JaffaCakes118
.dll windows:4 windows x86 arch:x86

48ab3e3bbace904cd33e758dfa618031

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetVersionExA
LoadResource
CloseHandle

user32

OffsetRect
DrawCaption
CharNextA
IsCharUpperA

advapi32

RegQueryValueA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

Exports

Exports

ecgwbyn
qsxemptoq
z

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE