0c4ed6d9329f2797c9476fd4b9019d7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c4ed6d9329f2797c9476fd4b9019d7f_JaffaCakes118
Size

205KB
MD5

0c4ed6d9329f2797c9476fd4b9019d7f
SHA1

cf201ce3e6c4fdf6f94d026fa34342cc04234f09
SHA256

782a5e50ec79c42a3cccaa74fdaaf96eee7fb72386d1168928e9fd190c4f50b1
SHA512

224534052222ec1d27eaacc3216341c579f1f865402d3779a3f98d5dc974465adbca96355ee4b1e600f31b0ff59818703659af0d82a3f0e5f42efd6098cecc93
SSDEEP

3072:fzkKFJlta0LHpkVdwKXp7UeCsqRB1ACfG+yycemGRHMMr8wgJiEvwrMVjSMIcscE:9ZdkVtXhLwv15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c4ed6d9329f2797c9476fd4b9019d7f_JaffaCakes118

Files

0c4ed6d9329f2797c9476fd4b9019d7f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01ebd8d8be2d6500dbd6c5d9b859d36b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetLocaleInfoW

user32

DestroyMenu
GetSubMenu
LoadMenuA
TrackPopupMenu

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC

comdlg32

ChooseColorA
GetSaveFileNameA

shell32

Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA
SHGetFileInfoA
ExtractIconExA
SHGetDesktopFolder

oleaut32

GetActiveObject
GetErrorInfo
VariantInit
VariantClear
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
SysReAllocStringLen
SysAllocStringLen
SafeArrayUnaccessData

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

KYqruoIFr

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ