41f71edf840e6eddac7589e07e765a63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41f71edf840e6eddac7589e07e765a63_JaffaCakes118
Size

171KB
MD5

41f71edf840e6eddac7589e07e765a63
SHA1

90c48b4713d0fa434705f32826f6a16a45fc5225
SHA256

5a24ecf4cbc12a13bc041f875340149270421969d9e2dbe7bef58e7f20458394
SHA512

26dd3a8507a6dee401908d58eeac21a9b416b7601fe5049a53516f55c89c767772078788a0a9de5b8e353395d78b8f10269184ac209f18392c5b3bea0aa780f9
SSDEEP

3072:p8/NbdCGRtFq1zkuPczNslVnv70dWg6YIKOGBgmMMmq0yiF5y:p8VlRK1Aal5KWg6+BgmMVFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41f71edf840e6eddac7589e07e765a63_JaffaCakes118

Files

41f71edf840e6eddac7589e07e765a63_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e7154c684757ed3e21d774767a94c24f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

CreatePenIndirect
GetClipBox
GetCurrentPositionEx

kernel32

VirtualAllocEx
LocalAlloc
CreateThread
CreateFileA
LoadLibraryA
DeleteCriticalSection

msvcrt

wcscspn
sprintf
exit
mbstowcs
clock
calloc
malloc
swprintf
memset
memcpy
_acmdln
memmove
tolower
wcsncmp

user32

GetMenu
GetCapture
IsCharUpperA
GetScrollRange
GetWindow
GetScrollPos
GetScrollInfo
GetSysColorBrush

Exports

Exports

rUMnu@16
j1arxsvltJLDE
_vOW_6d6LKlE
_5IqJS@4
ZSEJpd90TGcJc
_9kxmqOYcHaR
2BF71yMMGOW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ