55237280777cbdc79797569ca4d5d7d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55237280777cbdc79797569ca4d5d7d0_JaffaCakes118
Size

179KB
MD5

55237280777cbdc79797569ca4d5d7d0
SHA1

da14cbef84847075931d777c589e8f8d1760cb1e
SHA256

4527b426944d410913a99152ee187b16cfb6a60800196ba7b7c4deecfce0ae4f
SHA512

92e85df0a7e1ef475c1fd9a7e5c3b7fc389b677e28f1bbfbe184dd3a9d8ed34ff70bd17caa6c2d59016cc148502af1a9a59230f71b02006e29a508f70127b384
SSDEEP

3072:kkXu8eYaErEpGpQPMS94mGsS2jbxWGqqs:kFlYac4j4VsSbGqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55237280777cbdc79797569ca4d5d7d0_JaffaCakes118

Files

55237280777cbdc79797569ca4d5d7d0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

eb2ac23db295c433fc9c7ea552dc2e2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedExchange
LoadLibraryA
MapViewOfFile
RtlUnwind
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
VirtualAllocEx
LoadLibraryExA

user32

SetForegroundWindow
SendMessageTimeoutA
MessageBoxA
LoadStringA
LoadCursorA
LoadIconA
GetWindowThreadProcessId

shlwapi

StrCmpIW
SHSetValueA
SHGetValueA
PathRemoveFileSpecA
StrStrIA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ