Static task
static1
Behavioral task
behavioral1
Sample
103971bbe49ed23eb5006282b5960161_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
103971bbe49ed23eb5006282b5960161_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: 103971bbe49ed23eb5006282b5960161_JaffaCakes118
Size: 86KB
MD5: 103971bbe49ed23eb5006282b5960161
SHA1: e1ab89d2c6c9a024cd1a52becff7c19d0d1fafbd
SHA256: c9e6bb727e2db4562e80273a29bcbc15e7e55afc62722f99aaef801fe757aeef
SHA512: cd3de0ac2488b6e423394595f9d086e560ca55f53485f2c6229cd5ff3772eb7f73eda238a3974aa4bd76128a94572386335bf8ea54ac36c3e5c6bc5b06fc6fef
SSDEEP: 1536:+OEZK2xevrlvtx6dy/ub2Svkp2/YyMquu19I3jR5/VRMRKlFRYhIM/CaD:+OR2xevrlvtGy/NOkyY4w3lVrl3cPD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 103971bbe49ed23eb5006282b5960161_JaffaCakes118
Files
103971bbe49ed23eb5006282b5960161_JaffaCakes118.dll windows:4 windows x86 arch:x86
e079ee8de24c4d96ac2d802a1f083fcd
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
ShowCursor
SetMenuInfo
OemToCharA
MessageBoxA
LoadAcceleratorsW
LoadAcceleratorsA
GetMessageA
FillRect
EndMenu
DrawCaption
DestroyWindow
CreateMDIWindowA
CreateDialogIndirectParamA
CloseWindow
CharLowerA
BeginPaint
ActivateKeyboardLayout
kernel32
GetPrivateProfileStringA
GetLastError
LoadLibraryA
LocalAlloc
Sleep
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
GetVersionExA
oleaut32
OleLoadPicturePath
RegisterTypeLib
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SysFreeString
SysReAllocString
VarBstrCmp
ClearCustData
Sections
.text Size: 16KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 66KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ