216bb4b35114c5f7e9a0210e2ac79f2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

216bb4b35114c5f7e9a0210e2ac79f2e_JaffaCakes118
Size

162KB
MD5

216bb4b35114c5f7e9a0210e2ac79f2e
SHA1

47df3d77af1bccbfef5d9db76d91f82a1edbb1bf
SHA256

d3f88eab6ed08f1129bedaa6d52662133f982ee2bc33c8420cea950be370317a
SHA512

258fcecfe4e574461f08082205dc63289d7a1cae5c44c40d782474bdd8f2da90f33eb8675b3c63c4963590760f1fc33dda64fc44e778d66e447d1a7259d7ee2f
SSDEEP

3072:b2obL/4z/AP8Gw+YLBPg9cXyTtqQCATCVrHoswzIYIkkBKNefboZmyV:yobK/m8GwT9dXyTcN6jz6kMKNEm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
216bb4b35114c5f7e9a0210e2ac79f2e_JaffaCakes118

Files

216bb4b35114c5f7e9a0210e2ac79f2e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c13d5ad66cc87c2475a5de52a7064b0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetCommandLineW
GetEnvironmentVariableA
GetFileType
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
MultiByteToWideChar
OutputDebugStringA
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsFree
lstrcmpA

user32

InvalidateRect
GetPropA
ReleaseCapture
FrameRect
PostMessageA
GetSubMenu
CreateMenu

comdlg32

PageSetupDlgA
PrintDlgA

Exports

Exports

D3DBreakVBLock

Sections

.text
Size: 101KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ