0e98cedb8e35e6c73b656486f7bb0802_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e98cedb8e35e6c73b656486f7bb0802_JaffaCakes118
Size

131KB
MD5

0e98cedb8e35e6c73b656486f7bb0802
SHA1

6f1a25723e4c0c15a2dd0046b18c04523a21e163
SHA256

d320d5b2fc732e9db66b780b387e87fdcffdf5fff1d04bdc6a297118cd9d5e2f
SHA512

88269ccaa5fd56a1f8bba7900450dac82a4d29d06f3532c7dad0371b86a0054eeca950ae53399504341a84461772ed45f08a934cd49434e1fc66e628e208a64f
SSDEEP

3072:rpfzFMY4klEa8o0bLyyhDAXYdJjSm+gBDFgVzw69QYd:rp7Fz4klH8pLHVAXUum+0pg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e98cedb8e35e6c73b656486f7bb0802_JaffaCakes118

Files

0e98cedb8e35e6c73b656486f7bb0802_JaffaCakes118
.dll windows:4 windows x86 arch:x86

61e3d1c5e48c7f6eae92fcc308984356

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeEnvironmentStringsA
GetCPInfo
GetStringTypeW
GetTimeFormatA
HeapAlloc
HeapCreate
SetLastError
TerminateThread
lstrcmpA

msvcrt

time
__p__fmode
_cexit
_except_handler3
_exit
printf
strspn
swscanf
__p__commode

user32

EnumChildWindows
GetDlgCtrlID
KillTimer
LoadMenuA
RegisterWindowMessageA
SetClipboardData
DefWindowProcA
GetCursorPos

oleaut32

OleLoadPicturePath
RegisterTypeLi
RevokeActiveObject
OleLoadPicture
SafeArrayAllocDescriptor
SafeArrayDestroy
SysFreeString
VarBstrCat

shlwapi

PathFindOnPathA
SHDeleteEmptyKeyA
SHQueryInfoKeyA
StrChrA
StrSpnA
SHDeleteValueA
ChrCmpIA

Exports

Exports

ReleaseSessionRef

Sections

.text
Size: 65KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ