0e2bb4a15b9a0f5e9f3dc707f7400bb1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e2bb4a15b9a0f5e9f3dc707f7400bb1_JaffaCakes118
Size

143KB
MD5

0e2bb4a15b9a0f5e9f3dc707f7400bb1
SHA1

6e0fdc6b4cb3f200373c605cb3ce2a0da9f34933
SHA256

99156ae4808ccd55a0fc3801b41a2bc2b851d81c55a30226f87fd728b83ff0cb
SHA512

c4e6f71ea6e73709ea17a0a1914de8b84cf16cb0a60f86713f3e023e1508fac5d472c79ffca22d8b440c15474aea91602d99f4712fa09d55c8ee57db9555efc5
SSDEEP

3072:/bQQeQQQQQQQQQQQQeQQQQQQQfGQQQQQQQQQQeQQQQQQQQcbdgu64eJk9EtUJ3bP:/gPJLeKbq/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e2bb4a15b9a0f5e9f3dc707f7400bb1_JaffaCakes118

Files

0e2bb4a15b9a0f5e9f3dc707f7400bb1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

98d55befd13451a60b6adb99171fa4a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeLibrary
GetFileAttributesA
GetLastError
GetModuleHandleA
GetProcAddress
GetVersionExA
CreateMutexA
ReleaseMutex
UnhandledExceptionFilter
WaitForSingleObject
lstrlenW
VirtualAllocEx
GetStartupInfoA
LoadLibraryA
CloseHandle

user32

GetWindowThreadProcessId
LoadIconA
LoadCursorW
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA

advapi32

RegOpenKeyExA

shlwapi

StrCmpIW
SHSetValueA
SHGetValueA
PathRemoveFileSpecA
StrStrIA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ