24f6831339ca142b62f7323a4603df0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24f6831339ca142b62f7323a4603df0c_JaffaCakes118
Size

160KB
MD5

24f6831339ca142b62f7323a4603df0c
SHA1

8f53811d4d2ca32930c5cd35cc583e8e7aef41d2
SHA256

604db880ba2345bfc4e92168f85470f79733a03f8765e09d564ded1cab79560b
SHA512

eb553e01dbcf2cd2dbda243746de81991f05bedf53c1e50eaeacf657365480b3182ad2f9b15b5c0f861c111d245bfd39d2c16ac5a75ddcfe79d48473bfee5a8e
SSDEEP

3072:f9UNoiZsjBbLeyqy7dAq4Blpmq8dgneYsH6qMEB51XuyiwrljJ:fGKiabL3dAPl90WQB5MjE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24f6831339ca142b62f7323a4603df0c_JaffaCakes118

Files

24f6831339ca142b62f7323a4603df0c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

134be83da7f5ba09a280787645bf9136

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetCurrentThread
GetFileTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
IsValidCodePage
LoadResource
MultiByteToWideChar
RtlUnwind
SetEndOfFile
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess

msvcrt

realloc
strpbrk

user32

SetDlgItemTextA
SetScrollInfo
SetWindowTextA

oleaut32

GetErrorInfo
VarBstrCmp
SysFreeString
SafeArrayCreate
SafeArrayAllocDescriptor
RevokeActiveObject
RegisterTypeLi
ClearCustData
OleTranslateColor

shlwapi

PathFindOnPathA
PathGetDriveNumberA
SHDeleteEmptyKeyA
SHDeleteValueA
SHEnumKeyExA
PathFileExistsA
ChrCmpIA
PathAppendA
PathBuildRootA
PathCombineA

Exports

Exports

SurfaceFlipNotify
VersionNumberUCScribe

Sections

.text
Size: 102KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ