2b51c4936797fae9006d05444aa9893f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b51c4936797fae9006d05444aa9893f_JaffaCakes118
Size

180KB
MD5

2b51c4936797fae9006d05444aa9893f
SHA1

1ef48702e1fce9484451ccbbb5e539a97e46bd95
SHA256

34285f8fab0b154ad53cb286837c8594a8662ea9c7e1da5d37206cabc865a9b6
SHA512

dc49c305dd5cab69acfdcc821881b0661fde5c86c6e38fec0c936d7726127882225a182f53b4923a19f22ae9a9bc806e519cbb4199e1b0006d7feeec98095959
SSDEEP

3072:toKXbMIrQrwCqdsSTvDKY6pBjVcNM932dL+VEqxTEYyO2h/GC8HWeAsUVH5slByz:KQbTK0DFE9V2om4mcTEYF5FLQVH5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b51c4936797fae9006d05444aa9893f_JaffaCakes118

Files

2b51c4936797fae9006d05444aa9893f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3eaaf277a78ad676e4d907885cd68d70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
DuplicateHandle
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
lstrcmpA

user32

WindowFromPoint
SetClassLongA
FrameRect
DrawTextA

ole32

CLSIDFromString
CoBuildVersion
CoCreateInstance
CoGetMalloc

oleaut32

VarBstrCmp
RegisterTypeLi
OleLoadPicture
GetErrorInfo

Exports

Exports

DeleteImage
GetSupportParamItemHead

Sections

.text
Size: 111KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ