1270f1c55ebe8c9b4332ed65f4e7bdeb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1270f1c55ebe8c9b4332ed65f4e7bdeb_JaffaCakes118
Size

102KB
MD5

1270f1c55ebe8c9b4332ed65f4e7bdeb
SHA1

d28a7ad0ceed87c95b03d2cbe85620e473b53bfc
SHA256

a040d30318be2eaadcc3b29b22b48e126735c33e3a6b02dbee866020f85f9697
SHA512

4c1b219bd2364c4e88a383dc939641812825d5e84622abeb1d666d49b5f9f3ef6030afdc23497dbd9f01c41dcd8363bc40a9f08290f025f16ca453ef26f2d0c6
SSDEEP

3072:foezv1qfuP3hF8FL/7snx0a9AWH8dxPyATPEYmk:foezvUfuPxOfwIxPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1270f1c55ebe8c9b4332ed65f4e7bdeb_JaffaCakes118

Files

1270f1c55ebe8c9b4332ed65f4e7bdeb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1c4eb4a5bfe5be03fe3f335089c4ae44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Generated\TEMP\Info\Dbg.exe

Imports

user32

IsCharAlphaA
GetForegroundWindow

kernel32

lstrlenW

Exports

Exports

FQ10
FQ11
?ConstantDekay@@YGFPAUHWINSTA__@@PAUHWINEVENTHOOK__@@@Z
?SintroFullOption@@YGFPAUHWINSTA__@@PAUHWINEVENTHOOK__@@@Z

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.r1
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r2
Size: 512B - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r4
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ