408e135540c78a2aca2f214da4b379e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

408e135540c78a2aca2f214da4b379e0_JaffaCakes118
Size

168KB
MD5

408e135540c78a2aca2f214da4b379e0
SHA1

a90c405f9cfec166ff9203a12beb30a8693e7cea
SHA256

89873ab54d9df649567b27cf53e935432034ff1814e4c1bc64492b910dbe7488
SHA512

90b68f0cec2b2a6399ffd2a654fe0869cb1df7180a8287c271bdb01b620627b6ec5d70b05c851f334520120a5bbd78829db1b293fbfb97c150dc00f66d2412e2
SSDEEP

3072:0VLuc+reWW7E5mZgvsCyLXS2jbxWGqqs:081rs4+XSbGqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
408e135540c78a2aca2f214da4b379e0_JaffaCakes118

Files

408e135540c78a2aca2f214da4b379e0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

43fe7bee1d3bbe93ed611df02217b792

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersionExA
HeapCreate
HeapDestroy
HeapFree
LoadLibraryA
MapViewOfFile
SetHandleCount
UnhandledExceptionFilter
VirtualFree
WideCharToMultiByte
VirtualAllocEx
LoadLibraryExA

user32

SetForegroundWindow
SendMessageTimeoutA
MessageBoxA
LoadStringA
LoadCursorA
LoadIconA
GetWindowThreadProcessId

shlwapi

StrCmpIW
SHSetValueA
SHGetValueA
PathRemoveFileSpecA
StrStrIA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ