54a21fa98eb30ff158f2c4a6728c283c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54a21fa98eb30ff158f2c4a6728c283c_JaffaCakes118
Size

19KB
MD5

54a21fa98eb30ff158f2c4a6728c283c
SHA1

17948ed582f64827f92b3c42a2ec61924f0f9e20
SHA256

e90b0c28f870c31a580cb7af04f1227d9091008b9e06250fdbac7418ac72826d
SHA512

1934fa198752636518dccbaee25e0fd4b42599af2ea0c5673f5606590283c146bd28a0064622e16f080b67fe5075816fd245c8a9b6465611068207f857c232dc
SSDEEP

384:ufY4wNF0Dzr6S+P0Tc0Xz9iQwIjHjR9Zlbm1P+J0+WViWvgT:v4wH0zWPAZXz9iQ7DRnU+J01M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54a21fa98eb30ff158f2c4a6728c283c_JaffaCakes118

Files

54a21fa98eb30ff158f2c4a6728c283c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d72d06a9ed7c4b00fbd5a4eb0e1ab104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetTickCount
Sleep
GlobalFree
lstrcatA
lstrcpynA
lstrcpyA
GlobalAlloc
VirtualProtect
lstrlenA
VirtualFree
GetProcAddress
LoadLibraryA
VirtualAlloc
ResumeThread
CreateThread
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetWindowsDirectoryA
lstrcmpiA
DeleteFileA
ExpandEnvironmentStringsA
GetModuleFileNameA
_lclose
_lopen
GetPrivateProfileStringA
GetPrivateProfileIntA
_lcreat
GetTempPathA
IsBadReadPtr
WriteFile
SetFilePointer

user32

wsprintfA
CharLowerBuffA
ShowWindow
FindWindowExA
SendMessageA
FindWindowA
CharUpperBuffA

shell32

ShellExecuteA

ole32

CoCreateGuid

msvcrt

fprintf
fopen
fscanf
fclose
strstr

ws2_32

gethostname
WSAStartup
gethostbyname

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ