1036c2a799e383336c2fede68fa9a740_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1036c2a799e383336c2fede68fa9a740_JaffaCakes118
Size

84KB
MD5

1036c2a799e383336c2fede68fa9a740
SHA1

e59b11d2007b273aa494e4d0ce6e523a34087d30
SHA256

58ad0186c4fbef2020d4af81eb95a9a48e27e7a55471cbcf1a46b1151ad593e9
SHA512

bb73e91786e626b2306d47c2f0570a946ebefc15b88845598377e4fcdf27456c967e5e73d87eb06d2f0ea29d4b5901cd9efd1de6f496e44cd91d966b39b10d21
SSDEEP

1536:SlE5gn8WemIc/8NnFu4nSzm4BELu27AsEJmuDUvvWcyh2mPPlACG7:SR8Zu0GISwLd7A1Jmu+vSh20la

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1036c2a799e383336c2fede68fa9a740_JaffaCakes118

Files

1036c2a799e383336c2fede68fa9a740_JaffaCakes118
.dll windows:4 windows x86 arch:x86

78ab3d83c692c594ec269100627382c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

FindTextA

user32

GetKeyState
ReleaseCapture
PostMessageA

kernel32

LocalShrink
QueryDosDeviceW
LocalFlags
HeapCreate
WideCharToMultiByte
CallNamedPipeW
CloseHandle
ConvertThreadToFiber
CreateSemaphoreW
EnumSystemCodePagesA
EnumSystemLocalesA
ExitProcess
FoldStringW
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntW
GetStartupInfoA
GetVersionExA
HeapAlloc
TlsFree

ole32

CoTaskMemAlloc
CoGetMalloc
CreateAntiMoniker
StringFromGUID2
CoFileTimeNow
CoCreateInstance
CoCreateGuid
CoBuildVersion
CoTaskMemFree

dbghelp

UnmapDebugInformation
SymRegisterFunctionEntryCallback
SymRegisterCallback64
SymGetSymFromName64

comctl32

ImageList_DrawIndirect
ImageList_Draw
ImageList_BeginDrag

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ