3be44b25c1ce6a73c5fd4a50007fa8ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3be44b25c1ce6a73c5fd4a50007fa8ef_JaffaCakes118
Size

64KB
MD5

3be44b25c1ce6a73c5fd4a50007fa8ef
SHA1

17f400e5bf6b4c487f79d7d726830514f5f3e5ac
SHA256

62162aab01a30dceb6b344d024ef4dd9a2f09d0fb669a4ec44571aea5079a45c
SHA512

c798b4016c4410ebf8e6bff16bade51fcb12efc8f87d2341d1d38aa9fa07dc9fdd9af16262ed13677bd3e163c6fcf0b0a2378d51556357b5168640e0c03b6bc4
SSDEEP

1536:prdu3H8nbU5LVzhNupsL4XVVCcvQaQI5+LtRpmq:ru3H/RzhWsL4+c4ax0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be44b25c1ce6a73c5fd4a50007fa8ef_JaffaCakes118

Files

3be44b25c1ce6a73c5fd4a50007fa8ef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dba6ae8828b56136f6a842728f0a6bd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
ExitProcess
OpenProcess
Thread32First
GetCurrentThread
GetStartupInfoA
GetCommTimeouts
GetConsoleMode
FindResourceA
VirtualAllocEx
GlobalWire
GetSystemTimes
SetConsoleCursorPosition
GetCommandLineA
GetProfileSectionA

user32

RealGetWindowClassA
MessageBoxTimeoutA
GetClassNameA
GetMenuItemInfoA
RealGetWindowClass
SetKeyboardState
RegisterWindowMessageW
CreateIconFromResource
MapDialogRect
MessageBeep
PeekMessageA
UnregisterClassA
ReuseDDElParam
ShowCaret
SetWindowTextA
FlashWindow
PostMessageA
PostThreadMessageA
GetComboBoxInfo

gdi32

LineTo
PatBlt
StretchBlt
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExA

Exports

Exports

Kkxoxoo
Tqrohpb

Sections

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ