0d45a69f06cf760dcdf3794de170c86a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d45a69f06cf760dcdf3794de170c86a_JaffaCakes118
Size

88KB
MD5

0d45a69f06cf760dcdf3794de170c86a
SHA1

080e40c5b1d5159ea005ceaefd7ac822abf7b30e
SHA256

a588be9f603ef41c11724ba4584a8657b6817ba2689e7a8d7ad325ab0abc7a72
SHA512

f099a2300e357f85db226517d4c58713d2783b32ab2b3c654265e5d165289b81a91f71eb59f8d7384915aec3522e8773e580822751e95cc8df3a24b3bc6152d2
SSDEEP

1536:OlzzimDpGG07RmN/l4A/n3oK0R/U4y+y1mER6aJWXVdMVhmomaRhiozNMN:OtzimDUG07RmNa2+qf1mK/LmLaRQWa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d45a69f06cf760dcdf3794de170c86a_JaffaCakes118

Files

0d45a69f06cf760dcdf3794de170c86a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

521b4898fbdfd87a6c2cde6e43523342

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetMenuInfo
SetFocus
GetFocus
CreateAcceleratorTableA

kernel32

SetLastError
lstrcpyA
lstrcmpiA
lstrcmpA
VirtualAlloc
CompareStringA
EnumResourceLanguagesA
EnumResourceLanguagesW
ExitProcess
ExitThread
FlushFileBuffers
GetModuleHandleA
GetStartupInfoA
GetSystemTimeAsFileTime
LeaveCriticalSection
LoadLibraryA
SetCurrentDirectoryA
TlsFree
SleepEx

oleaut32

SafeArrayDestroy
SysStringLen
VarBstrCat
SafeArrayCreate
ClearCustData
OleIconToCursor
OleLoadPicture
SafeArrayAllocData
SafeArrayAllocDescriptor

Sections

.text
Size: 19KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ