118acd91d6bfdcdebdbaea0318d780dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

118acd91d6bfdcdebdbaea0318d780dd_JaffaCakes118
Size

116KB
MD5

118acd91d6bfdcdebdbaea0318d780dd
SHA1

46aec38ff447624cc30ec73a608433a61ff47a12
SHA256

78f7ba6c841156593199e8fc8a7bc8db6e7848bafb7168fda1e6cb0867858a8d
SHA512

2e271a9de2429ecdf7d736dbc12e08a1599e7708b845fc1e19539e56353b91b62355a68b92af7da14cd1d7a76e69fb01edd32aeed9ac92c75edf4e46b53799cd
SSDEEP

1536:uVoaCJZFLoUxP9vl6vNei0m2G0IDqHkQGAXHNz3dJj8/9Ab3:uVSvoGvQVeVmnmTGAXHNzT2ab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
118acd91d6bfdcdebdbaea0318d780dd_JaffaCakes118

Files

118acd91d6bfdcdebdbaea0318d780dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d8aed834ea60c578a7ca8328d4c619fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetConsoleInputExeNameA
UnregisterConsoleIME
GetProcessHandleCount
LZInit
SetStdHandle
EnumSystemCodePagesA
CreateDirectoryExA
GetPrivateProfileSectionNamesW
DuplicateConsoleHandle
ExitProcess
GetCommandLineW
VirtualAllocEx
GetCurrentProcess

user32

DestroyCursor
SetForegroundWindow
CreateIconFromResource
LockWindowUpdate
SendIMEMessageExA
GetLastInputInfo
QuerySendMessage
InvalidateRect
GetUpdateRect
LoadBitmapW
GetMenuItemInfoA

gdi32

SetBoundsRect
PolyTextOutA

Sections

.text
Size: 104KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ