19943ca8ead3b69cbf11132e826ea5c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19943ca8ead3b69cbf11132e826ea5c2_JaffaCakes118
Size

152KB
MD5

19943ca8ead3b69cbf11132e826ea5c2
SHA1

98c6d9226c09f0078ffb29231a9124ab96c33395
SHA256

297144f3a328d74a38cc646ad7a239fde9b9238c56c33d825484d145b823eee1
SHA512

1f33b2433d78452a343a32141d1f3472295673a97c79af20df0c47582b1c13f7ea5f75ca9df1b2e6698496bcf6041762cd4d92109ef754b685fd78e9653ca369
SSDEEP

3072:XxNufI2Kd5wj5PaiS4ymSBoJEPZrZgm2tLAtlDh8bv/GD/HEHVlL:XxN0FKdKjBHymSBYExKm2kWb/j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19943ca8ead3b69cbf11132e826ea5c2_JaffaCakes118

Files

19943ca8ead3b69cbf11132e826ea5c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7965beef1ad678b76dbbced461f61e1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FatalAppExitA
FileTimeToSystemTime
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
lstrcmpiA
lstrlenA

msvcrt

setlocale
__p__commode
__p__fmode
_cexit
_except_handler3
wcscpy
wcscmp
wcscat
rand
isdigit
_exit

user32

ExitWindowsEx
MoveWindow
GetDoubleClickTime
CheckRadioButton

oleaut32

SafeArrayDestroy
OleTranslateColor
RegisterTypeLi
VarBstrCat
SysFreeString
SetErrorInfo
OleIconToCursor
SafeArrayAccessData
SafeArrayCreate

shlwapi

ChrCmpIA
SHEnumKeyExA
StrStrIA

Exports

Exports

CLSIDFromStringByBitness
GetPriority

Sections

.text
Size: 73KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ