406a10418b45efa2b6cc86f79c63dd1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

406a10418b45efa2b6cc86f79c63dd1e_JaffaCakes118
Size

155KB
MD5

406a10418b45efa2b6cc86f79c63dd1e
SHA1

9eefe5b957597e3e3221304fb03ddf8c2c9ea71c
SHA256

ac25185669c1943613d03cdd31e916f15e4f6604c377991b0395ca45a84b54e7
SHA512

cb4678051de828aab33992f04cf9f377eb7854f81577500806018a97fd14ea968734c44bcd2f11488c630364c2d50c7525a4ede01069b0644499a0ad4e9acd08
SSDEEP

3072:4ZYscH8ZHCrqoRbU8Rwz6mlvLgGkaB1ElCPD9yjkcLSyTxmdWl:4asE8ZH+qOIucLgGVB+qrc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
406a10418b45efa2b6cc86f79c63dd1e_JaffaCakes118

Files

406a10418b45efa2b6cc86f79c63dd1e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e416fae7a0e1e946fca2efa3879dacc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringA
ExitProcess
FlushFileBuffers
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
SetProcessWorkingSetSize
lstrlenA

msvcrt

wcslen
_except_handler3
free
isdigit
malloc
printf
strspn
wcscmp
_XcptFilter

user32

CreateDialogParamA
DeferWindowPos
DrawMenuBar
GetClientRect
IsWindowVisible
LoadIconA
ReleaseCapture
CloseClipboard
DispatchMessageA

oleaut32

OleIconToCursor
OleLoadPicture
OleTranslateColor
GetErrorInfo
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocDescriptor
VarBstrCat
SysReAllocString
SafeArrayDestroy
SafeArrayCreate

shlwapi

PathFileExistsA
PathGetCharTypeA
SHQueryInfoKeyA
SHSetValueA
StrStrA
SHEnumKeyExA
PathCombineA

Exports

Exports

Direct3D_HALCleanUp
HrGetFontFallback
SelectionBoundsMEUED

Sections

.text
Size: 72KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ