3b01d9a3177be9ed3cdd1a2f43ff34cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b01d9a3177be9ed3cdd1a2f43ff34cb_JaffaCakes118
Size

153KB
MD5

3b01d9a3177be9ed3cdd1a2f43ff34cb
SHA1

b9bf0c31af5dc2897faff909a24763341d9b7db1
SHA256

9345d9ee94a69045b541d211b59ee4ff4275999838bb7a1b3e0cf2f5ebb83074
SHA512

b0579687edbadfe154565e80a601cbaa0d3c2320313669d0d7486163ad166d32f114de70be993aa8ae33654e1a4499f876a2e025c5b197157fe46b13f670072d
SSDEEP

3072:R11S9gYywtnfVmT8V0E+ZD3+HMhN+0J5GoDMgXa11S5rI5hw0ZZ7uNlSODP6H:6gYyeUuI5GoDMoavCrI7ZZqNlPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b01d9a3177be9ed3cdd1a2f43ff34cb_JaffaCakes118

Files

3b01d9a3177be9ed3cdd1a2f43ff34cb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7965beef1ad678b76dbbced461f61e1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FatalAppExitA
FileTimeToSystemTime
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
lstrcmpiA
lstrlenA

msvcrt

setlocale
__p__commode
__p__fmode
_cexit
_except_handler3
wcscpy
wcscmp
wcscat
rand
isdigit
_exit

user32

ExitWindowsEx
MoveWindow
GetDoubleClickTime
CheckRadioButton

oleaut32

SafeArrayDestroy
OleTranslateColor
RegisterTypeLi
VarBstrCat
SysFreeString
SetErrorInfo
OleIconToCursor
SafeArrayAccessData
SafeArrayCreate

shlwapi

ChrCmpIA
SHEnumKeyExA
StrStrIA

Exports

Exports

OpenCaptureDevice

Sections

.text
Size: 74KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ