4671305c05210126b9bf50ee3acfea5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4671305c05210126b9bf50ee3acfea5a_JaffaCakes118
Size

137KB
MD5

4671305c05210126b9bf50ee3acfea5a
SHA1

e06c25a476aa6da7349f8b1d99c241fcd5a4b94a
SHA256

deb5e88a956b929d68c3f6b1418e34ad19cc3aa12c6c2dcf4cc9b94a0b78a1a3
SHA512

ff106154fadd56c04c932e791baf9ae0bd6e799b64d880594e8e871c3a8021893870f037d5e8ebd22face938386dad0d0d4a74744b19e42329bf59c88c8f0078
SSDEEP

3072:q6pdCPWAkCZa1g8IWAzGisCgLW7N5btIqhQYlpch1l12YgRoFsogoF6Fyqti:TCmCI17KG5A5btdlqh1f2YQpog9EJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4671305c05210126b9bf50ee3acfea5a_JaffaCakes118

Files

4671305c05210126b9bf50ee3acfea5a_JaffaCakes118
.dll windows:14925 windows x86 arch:x86

6ad771177836d17613ca1a5cba03e177

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
InterlockedDecrement
VirtualFree
ExitProcess
WideCharToMultiByte
LocalAlloc
GetModuleHandleA
LoadLibraryA
SetFilePointer
GetCurrentProcessId

user32

GetDlgItem
RegisterClassExW
SetDlgItemTextW
IsWindowVisible
GetSysColor
EnableMenuItem

gdi32

GetStockObject
GetObjectW
CreateBitmap
CreateCompatibleBitmap
LineTo

Exports

Exports

lTWYBsC
EHjINVL
AYTaJwLw
eSQtHf
RFAZeOo

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ