327ca8e4599a6eba222ac29330b54457_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

327ca8e4599a6eba222ac29330b54457_JaffaCakes118
Size

166KB
MD5

327ca8e4599a6eba222ac29330b54457
SHA1

8b1de11dccfebd04d4f9ee2cdbc7f9fa9668b6bc
SHA256

4d03eefbc49dac8a6e73d0664f0bfe6b8e3c3fbf98dc68939451f893d7209b32
SHA512

307e8a154c2039332e9e020d508447969d1fb04e6f7627750a1ca3c489ffa90f63ef6de42203f4844b72f3be52cbfa7e3c7ec9f6b77765c70ce599958e408ce8
SSDEEP

3072:HGFxlC4WDh0wHTPMFm8w5CKnORb8Q1VY8e9v7iEw/I+8IyMwnY0Qe:HAUKwzPME7ti8Eo9v7iEsZlw3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
327ca8e4599a6eba222ac29330b54457_JaffaCakes118

Files

327ca8e4599a6eba222ac29330b54457_JaffaCakes118
.dll windows:4 windows x86 arch:x86

99413a42797861a351a27f4312a2ab5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
FreeLibrary
GetProcAddress
EnumDateFormatsExA
LoadLibraryA
WideCharToMultiByte
DeleteFileA
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile

oleaut32

VARIANT_UserFree
CreateErrorInfo
VarUI1FromUI4
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 109KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ