09f6468ca8c99dacdccae7cbd5d2bdb7_JaffaCakes118 | Triage

Sharing

General

Target

09f6468ca8c99dacdccae7cbd5d2bdb7_JaffaCakes118
Size

130KB
MD5

09f6468ca8c99dacdccae7cbd5d2bdb7
SHA1

e87c56ed721e718746144b6c8d3c2ae177c07089
SHA256

1700e92379b91503697254a9696e82d490ab40862c92e175c07cca9c1ca5f1a9
SHA512

290d93e2e7c91dcacbf879061c6c22efd96cee0a49ec34afad38d126f017b93b555176805a247fea15cda95f3740f917e656545a22b78aa59d01e170d1032bf7
SSDEEP

3072:SQpzenm7tvPPJqxnpqFA3Zczfgk26OYmm:S6IYvHGnpqFaKfgk26y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09f6468ca8c99dacdccae7cbd5d2bdb7_JaffaCakes118

Files

09f6468ca8c99dacdccae7cbd5d2bdb7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a01cefafa4b9dd4ae6a93d78a0b11856

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetDateFormatA
GetEnvironmentStringsA
HeapAlloc
HeapCreate
SetEvent
VirtualFree
WaitForMultipleObjects
lstrcatA

msvcrt

malloc
_XcptFilter
__p__commode
__set_app_type
_exit
srand
setlocale
vswprintf
free
fprintf
exit

user32

EmptyClipboard
GetDlgCtrlID
EndDialog
DestroyWindow

oleaut32

RegisterTypeLi
RevokeActiveObject
ClearCustData
SafeArrayCreate
SafeArrayDestroy
VarBstrCat
SysFreeString

shlwapi

PathGetCharTypeA
SHDeleteValueA
StrChrA
SHDeleteKeyA
PathAppendA

Exports

Exports

CaptureDeviceDialog
Direct3DCreateDevice
GetNewCatalog
MIDL_user_free

Sections

.text
Size: 64KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ