179a831b370966fb0ea64872a6f201c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

179a831b370966fb0ea64872a6f201c2_JaffaCakes118
Size

269KB
MD5

179a831b370966fb0ea64872a6f201c2
SHA1

2a03f7a05a53376a6f6693cffdea19c0923246f2
SHA256

78b22ed1ce8ae40fdc35554e7e991a68352edb7e3b4ab8405a279c45eca91502
SHA512

a5a8fedb2343e02f099d0b1556314be5293e8b9a2d2dfd55d3ddb2dea6a9f2fbbb50dd66fb4464322beed2698d2c63ca8f5a2d80cbb235d12cfe5e5a38a2d2c1
SSDEEP

6144:Yob0qmJd16ad/I3niA6c7Y0C/L9ABa510:YobBMd/I3ifqC/L9qt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179a831b370966fb0ea64872a6f201c2_JaffaCakes118

Files

179a831b370966fb0ea64872a6f201c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ce3be3a0971a8314f2bf876f19f8a18d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAscii
ShowOwnedPopups
ShowCaret
SetCursor
LoadAcceleratorsW
GetWindowTextA
FillRect
EndMenu
EndDialog
DrawStateA
DrawIcon
DrawCaption
DialogBoxParamA
DestroyWindow
DestroyIcon
CreateIconFromResource
CreateDesktopW
CreateCursor
CreateAcceleratorTableA
CharUpperA
CharToOemA
BeginPaint

kernel32

EnumResourceTypesA
EnumResourceLanguagesA
GetLocalTime
GetPrivateProfileStringA
GetSystemTimeAsFileTime
GetVersion
lstrcpynA
lstrcpyA
lstrcmpA
WriteFile
VirtualAlloc
TlsAlloc
Sleep
RaiseException
OpenFile
LoadResource
InitializeCriticalSection
GetVersionExA
GetDateFormatA

oleaut32

RevokeActiveObject
SafeArrayCreate
VarBstrCat
RegisterTypeLib
ClearCustData

Sections

.text
Size: 20KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 243KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ