34f3bc5a92c84a7308a47e010682e0e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34f3bc5a92c84a7308a47e010682e0e5_JaffaCakes118
Size

313KB
MD5

34f3bc5a92c84a7308a47e010682e0e5
SHA1

6d9841206616e774a3f902ec091e52655df895a5
SHA256

19b528f4bdd1803c2281d21847a9e4da7c63970c43afe84a3ccc0bdc9eb99779
SHA512

16a0ea260af81eab43758685ed58347a39dcb69cd56baa2155a64a353c1487fe9b2256e5f8c85d54395fe89cc8f256261a0484edf5d39e6a77d11e1472c8ff86
SSDEEP

6144:7cvlx62d5APqnb3NoLdvOAq+ARTYUzIY26mZ0oGSI6xuL4h:AtxkPqnb9oLe+ARTYmIfFTxuLC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34f3bc5a92c84a7308a47e010682e0e5_JaffaCakes118

Files

34f3bc5a92c84a7308a47e010682e0e5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5df14a22ebd1f5559b21cba6a959b132

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
lstrcpyn
lstrlen
MultiByteToWideChar
OpenMutexA
OpenProcess
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte

user32

GetWindowDC
UpdateWindow
ValidateRect
WaitMessage

gdi32

CombineRgn
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
CreateSolidBrush
SetWindowOrgEx
StretchBlt
TextOutA

shell32

DllUnregisterServer
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryPoint
SHBrowseForFolder
ShellExecuteA
SHGetPathFromIDList

comdlg32

ChooseFontA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.bss
Size: 254KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ