24aac358f5e902e207d347eb5d270934_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24aac358f5e902e207d347eb5d270934_JaffaCakes118
Size

288KB
MD5

24aac358f5e902e207d347eb5d270934
SHA1

ea86c678dcd3864456c1a37da012be5bdd159fc6
SHA256

1ef99957aec23308cb326a2f7ce9ef1743f1c56ee06a9c15e688231fb73dca8b
SHA512

b8b655ea8b2028be8e44a7c1e6398659967c72996e8f6862d4542eff0a9ae5c39b94d68479f8029264fd167c73bbfc1c00edd6de45accb3d8cd1985a5a9b1f6f
SSDEEP

6144:zLHNH/gxolIb3bicjdnKvvuJgP8Ns7h1WwxKz2Q83gAAjMJ+4:FfH2fovqOSYs0KzY3tA74

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24aac358f5e902e207d347eb5d270934_JaffaCakes118

Files

24aac358f5e902e207d347eb5d270934_JaffaCakes118
.dll windows:4 windows x86 arch:x86

999a961f1d334bbb723675e0a711ec23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowOwnedPopups
SetFocus
LoadCursorFromFileA
LoadAcceleratorsA
GetMessageA
EndPaint
DialogBoxParamA
DestroyCaret
DeleteMenu
CreateMDIWindowA
CreateAcceleratorTableA
CharUpperA
CharNextA
ChangeMenuA

kernel32

lstrcatA
TlsGetValue
SetCurrentDirectoryA
GetFileSize
lstrcpyA

ole32

OleDuplicateData
OleCreateLinkToFileEx
OleCreateLinkToFile
OleCreateLink
OleFlushClipboard
CoInitializeSecurity
CoInitialize
CoGetTreatAsClass
CoGetStandardMarshal
OleGetAutoConvert
OleLockRunning
PropStgNameToFmtId
ReleaseStgMedium
CoRevertToSelf
CoCreateInstance
CoCreateGuid
CoGetClassObject
CoGetInstanceFromFile
CoGetInstanceFromIStorage
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoGetObject

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 257KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ