0bea0d2be9e196305926a6595aee68f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bea0d2be9e196305926a6595aee68f3_JaffaCakes118
Size

130KB
MD5

0bea0d2be9e196305926a6595aee68f3
SHA1

1b7ee1d26058e8691eb1606beed5ca3ef0f37c9e
SHA256

d8dc7a9b71a89abc1983eeea7edbcf980a8286160f7f53d22c27d006a076905d
SHA512

ce4ca4b1cf67aaefbca70463a6e4280a42994f96a35c1a3a3219b84e1e2094ad342ed079abb5b2fe64ff13a6e4b154a9225abe420e7a174528121d2eaf2c3113
SSDEEP

3072:+mbykH+zpBdTuBsbgWOzmn3ABilkLsClOR5TcU0vZpwVh:+m5UfdKEamnX+zlNM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bea0d2be9e196305926a6595aee68f3_JaffaCakes118

Files

0bea0d2be9e196305926a6595aee68f3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fd4fbff25564df8cb721b12915701379

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapCreate
HeapSize
LCMapStringA
SetEvent
CreateFileA

msvcrt

__p__commode
__set_app_type
_cexit
srand
sscanf
strspn
time
_XcptFilter

user32

DrawIconEx
GetClassNameA
GetSubMenu
GetSystemMetrics
GetWindowPlacement
OffsetRect
TrackPopupMenuEx
TranslateMessage
DefMDIChildProcA
RedrawWindow

oleaut32

SafeArrayDestroy
SetErrorInfo
SysFreeString
SysReAllocString
SysStringLen
VarBstrCmp
RegisterTypeLi

shlwapi

PathBuildRootA
PathAppendA
PathFileExistsA
SHDeleteKeyA
SHDeleteValueA
SHQueryInfoKeyA
StrSpnA
StrStrIA
StrToIntA
SHDeleteEmptyKeyA

Exports

Exports

CaptureDeviceDialog
Direct3DCreateDevice
GetNewCatalog
MIDL_user_free

Sections

.text
Size: 64KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ