3356dcc7714b9db8069eee8133fb2d28_JaffaCakes118 | Triage

Sharing

General

Target

3356dcc7714b9db8069eee8133fb2d28_JaffaCakes118
Size

42KB
MD5

3356dcc7714b9db8069eee8133fb2d28
SHA1

b09deede9872565d74275bd0d5136f67a77fa040
SHA256

f8775409eb0b9178e5049a91e7963299d000bdec8d717ac4d3f9d2a0195cabb5
SHA512

2cb341b71794c47d1d0de5ce9fe998a4c0acf9b250e9322f87af6af87928a06f54301aa51ed49aa3bcb75d7d85afbde58450bfa8de2018fe59f9c32189f7f349
SSDEEP

768:GRcSY67HcuG83Hsga1v38mZ6E8Rk0xS0qtmXuQLaBR4WH+O3g5J+mqDoZuBWVdA:2YCHcu13s711ZP87S0qtmXnLaLC/5e0q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3356dcc7714b9db8069eee8133fb2d28_JaffaCakes118

Files

3356dcc7714b9db8069eee8133fb2d28_JaffaCakes118
.dll windows:4 windows x86 arch:x86

17db30584459669f2211e41d212cb528

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
ExitProcess
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetSystemTimeAsFileTime
GlobalReAlloc
HeapAlloc
HeapCreate
HeapReAlloc
IsBadStringPtrA
LocalFree
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
TlsAlloc
VirtualFree
WideCharToMultiByte
lstrcmpA
lstrcpyA

msvcrt

__p__commode
__set_app_type
exit
strspn
swscanf
vswprintf
__getmainargs

user32

GetCursorPos
GetWindowTextA
SystemParametersInfoA

winmm

mmioAscend
mmioGetInfo
mmioRenameA
mmioSetBuffer
waveOutGetNumDevs
mmioAdvance

Exports

Exports

GetEncryptionForAdapter
PaletteUpdateNotify

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ