0adcff55455303fef84be09c498b92e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0adcff55455303fef84be09c498b92e3_JaffaCakes118
Size

84KB
MD5

0adcff55455303fef84be09c498b92e3
SHA1

38b604dc63965e0b3e72d74d6e6457b87dec4539
SHA256

58c6c0e6a23c21b99244a1597373f3e8785f785505d5df571e595e68e1c26353
SHA512

a5b72374907f64d982b1e2037d410458dfc1d5c86fb07bf5f960984e1a56815372817a04f480618a3ecd09fd5ac0a94991ee703739076076414a1ab62ffa8fc3
SSDEEP

1536:BS93GJYnUwbtPUBuv5ek37rIRy6SSCCChIFom536it73r0cL4:BSQJYUwbeBu0k3nI06TihIFNqoHL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0adcff55455303fef84be09c498b92e3_JaffaCakes118

Files

0adcff55455303fef84be09c498b92e3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

78ab3d83c692c594ec269100627382c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

FindTextA

user32

GetKeyState
ReleaseCapture
PostMessageA

kernel32

LocalShrink
QueryDosDeviceW
LocalFlags
HeapCreate
WideCharToMultiByte
CallNamedPipeW
CloseHandle
ConvertThreadToFiber
CreateSemaphoreW
EnumSystemCodePagesA
EnumSystemLocalesA
ExitProcess
FoldStringW
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntW
GetStartupInfoA
GetVersionExA
HeapAlloc
TlsFree

ole32

CoTaskMemAlloc
CoGetMalloc
CreateAntiMoniker
StringFromGUID2
CoFileTimeNow
CoCreateInstance
CoCreateGuid
CoBuildVersion
CoTaskMemFree

dbghelp

UnmapDebugInformation
SymRegisterFunctionEntryCallback
SymRegisterCallback64
SymGetSymFromName64

comctl32

ImageList_DrawIndirect
ImageList_Draw
ImageList_BeginDrag

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ