34c372a4b038e3650b60f344a8f748ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34c372a4b038e3650b60f344a8f748ff_JaffaCakes118
Size

58KB
MD5

34c372a4b038e3650b60f344a8f748ff
SHA1

71e5fc94d89be9e20bed7738e2de1a05e2782da1
SHA256

3dcbae2f6725cef341ea3926249b56c9543698ac60c6cb5499df2280474ec93c
SHA512

16772d774aa828079567c337ff54c5c29ebaa85906b48b22be823878a043362de8bf80033804962c4615791079030df144d739279278740d3d6700c83c97c78c
SSDEEP

768:P3fiVoCl/Kd0WS7KxR7jCXZbsgNK0eUkI5DMCaMqMZiblZq777YpYl:PviVjl/a0WSmxEpIAdnf1ZH/6Yl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c372a4b038e3650b60f344a8f748ff_JaffaCakes118

Files

34c372a4b038e3650b60f344a8f748ff_JaffaCakes118
.dll windows:5 windows x86 arch:x86

65ca06d62be416cb0c7b0258ffc78497

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

EnumFontFamiliesW
GetNearestColor
SelectClipRgn
DeleteObject
EndPage
ExtFloodFill
DPtoLP
CreateBrushIndirect
GetViewportOrgEx

comdlg32

PrintDlgExW
FindTextW
ChooseColorW

kernel32

lstrcatW
MultiByteToWideChar
SystemTimeToFileTime
GetCommMask
DeviceIoControl
GetThreadTimes
MulDiv
GetSystemTime
CreateDirectoryA
GetTickCount
GetConsoleOutputCP
MoveFileExA
GetStdHandle
GetFileType
SetCommMask

user32

RegisterClassW
ClientToScreen
DeferWindowPos
GetKBCodePage
GetClassInfoA
GetMessageA
AppendMenuW
IsCharAlphaW
GetWindowTextW
WindowFromDC

Exports

Exports

HUwicNkugjrGaemzfhnqy
KVAnmQwJxdqegRkfKseh
?_CdVuhloqwrdsmdw@@YGPA_NJ@Z
FIXgwirtnflskwmazmayw
?_WisyncyqpmMoamnP@@YGEPAM@Z

Sections

.itext
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ