2ad119f0fa9ee25a10b64a1f33add4a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ad119f0fa9ee25a10b64a1f33add4a4_JaffaCakes118
Size

128KB
MD5

2ad119f0fa9ee25a10b64a1f33add4a4
SHA1

be814b253275d95d26b542a1d1b43db5c6f61709
SHA256

a3f2f44f415de28e17a430cc9fbceb93bdfd6e98fb0573ccb51e75d50dfa480d
SHA512

1fc68f6a1026c6e13d02acc59b80d4f4e3184a653152ec095253c63e3be1698fa60915ac1855a1d8fda1b4a6b1e6cd425e47f4342136e45bd32f31d6a09307a5
SSDEEP

3072:6ajc8XLaf/HdyyrHMYDfs/gwD0w5mFjeuhyHjYQi4M0:6IcUL0/9XlfsfTmleu4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad119f0fa9ee25a10b64a1f33add4a4_JaffaCakes118

Files

2ad119f0fa9ee25a10b64a1f33add4a4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

072e7ed7a40827806d2af1472c932e3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageA
GetCurrentProcessId
HeapAlloc
HeapCreate
ExitProcess

msvcrt

wcslen
_wcsicmp
fprintf
setlocale
sscanf
strpbrk
time
_except_handler3

user32

GetMenu
GetUserObjectSecurity
RemoveMenu
SetFocus
SendMessageA
CreateIconIndirect
MapWindowPoints

oleaut32

OleIconToCursor
GetErrorInfo

shlwapi

SHQueryInfoKeyA
StrChrA
SHDeleteKeyA
PathGetDriveNumberA
PathCombineA
PathBuildRootA
ChrCmpIA
StrStrIA
StrToIntA
SHDeleteValueA

Exports

Exports

CaptureDeviceDialog
Direct3DCreateDevice
GetNewCatalog
MIDL_user_free

Sections

.text
Size: 62KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ