2fb9c75232934e6a2e7487eed3295963_JaffaCakes118 | Triage

Sharing

General

Target

2fb9c75232934e6a2e7487eed3295963_JaffaCakes118
Size

88KB
MD5

2fb9c75232934e6a2e7487eed3295963
SHA1

fc7608fc9d692a9b0635d9827311efe112a60c88
SHA256

edc7711ca648c11bafb7d1d7ec74f71416c43ed42627d1624a904e34190c1b5f
SHA512

34db186faa877594c84962ba35f46d8413e2fa7590f12b7c01623cd58ecc4e51acd4fb954e0d87ea558d11637e6ab5c5c646e764b7bb82e444383e1157908853
SSDEEP

1536:9XzE2TrmVJVw4x6rk2y7NgszV6BG4jkc5S39TTeT1VY4fXSPd:5E2TrZk5V14HsTIKV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb9c75232934e6a2e7487eed3295963_JaffaCakes118

Files

2fb9c75232934e6a2e7487eed3295963_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4afb74a22806cdba7cd07c2efa6cc4c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
ShowOwnedPopups
ShowCursor
ShowCaret
MessageBoxIndirectA
LoadMenuA
LoadIconA
LoadCursorFromFileA
LoadBitmapA
LoadAcceleratorsW
IsCharLowerA
EndMenu
DestroyWindow
DestroyMenu
CreateIcon
CreateDialogIndirectParamA
CreateDesktopA
CreateAcceleratorTableA
CharUpperA
CharToOemBuffA
CharLowerA
ChangeMenuA
wsprintfA

kernel32

ExitThread
FlushFileBuffers
ExitProcess
EnterCriticalSection
CompareStringA
GetDateFormatA
GetLocalTime
GetVersion
lstrcpyA
lstrcmpiA
lstrcatA
UnmapViewOfFile
TlsAlloc
SetEndOfFile
RtlUnwind
ReadFile
OpenFile
MapViewOfFile
LoadLibraryA
GetVersionExA
FreeResource

oleaut32

OleTranslateColor
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCreate
SysFreeString
VarBstrCmp
GetErrorInfo

Sections

.text
Size: 18KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ