463027edeb92b47b46c410ade64e4825_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

463027edeb92b47b46c410ade64e4825_JaffaCakes118
Size

116KB
MD5

463027edeb92b47b46c410ade64e4825
SHA1

0ba84e6e93c253d62f7a54adb88fd05d58f70fa6
SHA256

f97eb8636e4db2fb9eeb6927f3dba61ac5106c32aa8e3f962551005c99074d4c
SHA512

fb198b6fb1650ba158f1ac3d9dfe2cab108ea2f89e66e9c13ce45b94adb0e52857c4f6404286f078e805f2f8b92a54ddf9c107d4837c0d3642deeabd9094c5b1
SSDEEP

1536:mi33MzXSfao1WylQrxSYomsq3DEm4CLPml/pnmKysDWbWK7tr:H33wCCiq9VoVoXf8pNDWNr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
463027edeb92b47b46c410ade64e4825_JaffaCakes118

Files

463027edeb92b47b46c410ade64e4825_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e2665a4924c32fed8826fabaf298b8d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCompact
VirtualAllocEx
GetCurrentProcess
BeginUpdateResourceA
GetExitCodeProcess
WaitForDebugEvent
FindFirstFileExW
GetConsoleOutputCP
GetProcessId
ExitProcess
FindVolumeMountPointClose
GetPrivateProfileSectionNamesW
GetCommandLineW

user32

SetShellWindow
FindWindowA
GetSystemMetrics
SetSystemCursor
GetCursor
GetTitleBarInfo
GetWindowTextA
InvalidateRect
GetQueueStatus
CopyIcon
LoadBitmapW

gdi32

SetBoundsRect
PolyTextOutA

Sections

.text
Size: 104KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ