282aa8add4f4875635a3a8b37d8a3f93_JaffaCakes118 | Triage

Sharing

General

Target

282aa8add4f4875635a3a8b37d8a3f93_JaffaCakes118
Size

153KB
MD5

282aa8add4f4875635a3a8b37d8a3f93
SHA1

9b6cb6bbc40826c5602df1b4f73af492193e3a3a
SHA256

6e26afe84397f2a90f2a3454e472155f08f37fab03194551e00758c932d8ba69
SHA512

642ac9db49446d4ccc3ee89cd0c8c1ad910537fb1b0355c7c23c060e0bca591b73f8e7bdaef907786dd1a9f88f713cfe5af57129939f6003f621c97159d52cee
SSDEEP

3072:7E9tcDQnoCmym5K9BQfnkYgY5qrXWdQFhmYZE6F0h:YsDQyyVBSnkI50GdUgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
282aa8add4f4875635a3a8b37d8a3f93_JaffaCakes118

Files

282aa8add4f4875635a3a8b37d8a3f93_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4da75da4dcae78d88a62c34f7b11d04b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
TlsSetValue
lstrcpynA

msvcrt

vswprintf
_XcptFilter
__p__commode
__set_app_type
rand
fwprintf
_except_handler3
_exit

user32

CreateIconIndirect
SetCapture

oleaut32

OleLoadPicturePath
ClearCustData

shlwapi

SHDeleteValueA
SHQueryInfoKeyA
SHSetValueA

Exports

Exports

CreateASUSessionWithURL
GetNextReadyBuffer
GetUpdateName
MIDL_user_free

Sections

.text
Size: 74KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ