3c68167929b7f159ac35d48354d0ba00_JaffaCakes118 | Triage

Sharing

General

Target

3c68167929b7f159ac35d48354d0ba00_JaffaCakes118
Size

178KB
MD5

3c68167929b7f159ac35d48354d0ba00
SHA1

338400f321f111657373972b891ec5a16f249003
SHA256

f6a0f55938b82aaf5663c0b8f5c79c2be2768fcb55f5b24f2f100d2105bbddb2
SHA512

6715fd4b23b13237c5cde9bd78624f0a6a524f3d20f47da400c7a4e98845ccb17cbb516480583b141e7a5f585f182fd361ca3f0a3f4aa60b9aca4de414fc82d2
SSDEEP

3072:h101sna7MYqowXVD9sVukjg7GkyOAFSTJAzoKtSxhAkR7S73Rb8sZdYeHlktkw:fjAMjXR9sVPjg7d+S9AJwG7Pl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c68167929b7f159ac35d48354d0ba00_JaffaCakes118

Files

3c68167929b7f159ac35d48354d0ba00_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b1a6c30d2b0ae8af7eebf48835c4ce4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTickCount
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
SizeofResource
VirtualFree

user32

OpenClipboard
WindowFromPoint
IsIconic
SetUserObjectSecurity
SetScrollInfo
GetPropA

oleaut32

GetErrorInfo
SysReAllocString

Exports

Exports

DeleteImage
GetSupportParamItemHead

Sections

.text
Size: 108KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ