221ece4704396580998ebcd2841667d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

221ece4704396580998ebcd2841667d3_JaffaCakes118
Size

145KB
MD5

221ece4704396580998ebcd2841667d3
SHA1

b9c55a003bd9ca0c84ed949ea75fad0f8aae0401
SHA256

979219d60ab4f868d2725f9ad241aba94b5af515c57584bc6a4f703ac4ae99bf
SHA512

abd6b1d88bb3ef96d9e04dd25b524138ea094d5093e3d04daf93a89fe7ad274cc53394020179410e34987ef68e86c62853a4492527bf46688756dd9f684e7b5e
SSDEEP

3072:z8LkFG7LBShyxg06c8iibo9kb6QwqCuSpcXoScRGdx:z8LkgdyZXsOboruQcXhh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
221ece4704396580998ebcd2841667d3_JaffaCakes118

Files

221ece4704396580998ebcd2841667d3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d7450f903e2ecff322701b8aedb39ab5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FatalAppExitA
FileTimeToSystemTime
FindResourceA
FormatMessageA
GetACP
GetCommandLineA
GetDriveTypeA
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeW
HeapAlloc
HeapCreate
HeapReAlloc
IsBadReadPtr
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
SetLastError
SetProcessWorkingSetSize
SetThreadAffinityMask
SetUnhandledExceptionFilter

msvcrt

__p__commode
__set_app_type
exit
printf
strspn
vswprintf
__getmainargs

user32

wsprintfA
CloseClipboard
DialogBoxIndirectParamA
DialogBoxParamA
EnableMenuItem
GetCursorPos
GetDesktopWindow
GetMenuItemID
InsertMenuA
PostMessageA

winmm

mixerGetLineControlsA
mmioAscend
mmioGetInfo
sndPlaySoundA
timeBeginPeriod
mixerGetID

Exports

Exports

VersionNumberUCScribe
W32N_GetAdapterRegistryInfoBySubkeyIndex

Sections

.text
Size: 93KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ