38fe7c7f3ef149268f7e8d4b2d48fcfa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38fe7c7f3ef149268f7e8d4b2d48fcfa_JaffaCakes118
Size

171KB
MD5

38fe7c7f3ef149268f7e8d4b2d48fcfa
SHA1

23f13aa587daf9f60e2c6b3d255972f219af7e69
SHA256

49f4a2c2f86540407688b7dea55afc1616d24d59eb18163f82ebe59b86fdc640
SHA512

ba6198bcc77f4275eaad406349e00438bf3e32b544d88b5f7b607b5eb6adba860cb48ca2bc0c4be264b58ceb46da9b564ffd154757319ed4fea9361df6d8ced0
SSDEEP

3072:i3892IDbJAdG2/kjxl9FxfLc5RNmYnva+ihjReR0h/N7Dooq0L:nOdmjBFV4fmKC+ive+h/N7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38fe7c7f3ef149268f7e8d4b2d48fcfa_JaffaCakes118

Files

38fe7c7f3ef149268f7e8d4b2d48fcfa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e271380fcd804dd6c7378704ad47c306

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
ExitThread
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetStartupInfoA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrcpynA

msvcrt

realloc
_exit
srand
vswprintf
_cexit

user32

ReleaseCapture
RegisterClassExA
DialogBoxParamA
ClientToScreen
PostMessageA
LoadImageA
GetWindowDC
GetUserObjectSecurity
GetMenuItemCount
GetUpdateRgn

oleaut32

SysStringLen
SafeArrayAccessData
VarBstrCat
OleTranslateColor
SetErrorInfo
SafeArrayCreate

shlwapi

StrStrA

Exports

Exports

DrawTextExW_ME
InitializeStreaming

Sections

.text
Size: 104KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ