Static task: static1
Behavioral task: behavioral1
Sample: 156f2a7e58803c0c1a576932e39267d0_JaffaCakes118.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 156f2a7e58803c0c1a576932e39267d0_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: 156f2a7e58803c0c1a576932e39267d0_JaffaCakes118
Size: 88KB
MD5: 156f2a7e58803c0c1a576932e39267d0
SHA1: 418c05ecfe933fcc3ceadcf2afe4a1ce2e39cbd0
SHA256: 03ff04d47f4ea0fef2ddda3f19ab74b1c043b7c026a0622dfea7b59f93c9c929
SHA512: dd278a608550243d67f35a0a805b795db5811b30986970e66a6cdc0b634e97d71b8f784e037684098b9532c3104d41d1e0b665a17ac0e93f76752c40c5b40591
SSDEEP: 1536:uBWkp9t3K6RyJwPaNoONkA00ZMfCAmnPoRAr186Cg+RPoiCff2wzuwjo:a74waNoYkx0ECpCyCg+9oiCGwzC
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 156f2a7e58803c0c1a576932e39267d0_JaffaCakes118
Files
156f2a7e58803c0c1a576932e39267d0_JaffaCakes118.dll windows:4 windows x86 arch:x86
0728615e9452e55c96158bcb322513d2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
DestroyMenu
DestroyCaret
DefDlgProcA
CreateDialogParamA
CreateAcceleratorTableA
CharUpperBuffA
kernel32
LoadResource
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
VirtualAlloc
CompareStringA
EnterCriticalSection
EnumResourceTypesA
FindResourceA
FlushFileBuffers
GetLastError
GetLocalTime
GetModuleHandleA
GetVersionExA
LocalAlloc
MapViewOfFile
OpenFileMappingA
RaiseException
RtlUnwind
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
Sections
.text Size: 16KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 68KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ