465a5a4e5585f48b8e30b7b27a8a170f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

465a5a4e5585f48b8e30b7b27a8a170f_JaffaCakes118
Size

161KB
MD5

465a5a4e5585f48b8e30b7b27a8a170f
SHA1

685df14535d95b1ffd71bb4023f4fb8400848f7c
SHA256

6da4a61d399fb44e6fe2f8777090a72c45debe4471487f13a52c21a21141bad1
SHA512

211d0a2fac9f836e2833b2090bf27b544ede3a119290e56399a261b87c231904c16c1cc8d7c5238d8280782dd54e81b10ca360ca4902f76fa523249da80b2788
SSDEEP

3072:vsHcS98+XkjKYfbH714AVY5HPi3ba7WIQHu3WCNI3MYUZUk6LY7Fp0JmL:vsHcSwfzZ4A+pKMWHupNQMvk0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
465a5a4e5585f48b8e30b7b27a8a170f_JaffaCakes118

Files

465a5a4e5585f48b8e30b7b27a8a170f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

69c934683b831ea0b811ff1b343a0253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GlobalUnlock
HeapAlloc
HeapCreate
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetThreadAffinityMask
SetUnhandledExceptionFilter

msvcrt

__p__commode
__set_app_type
malloc
realloc
strspn
__p__fmode

user32

FindWindowExA
GetFocus
DefDlgProcA
GetPropA
LoadIconA
LoadImageA
SendMessageA
ShowWindow
EndPaint
DestroyIcon

oleaut32

SysStringLen
ClearCustData
OleLoadPicture
OleLoadPicturePath
OleTranslateColor
RegisterTypeLi
SetErrorInfo
SysFreeString
VarBstrCat
GetErrorInfo
SysReAllocString

shlwapi

PathFileExistsA
PathFindOnPathA
SHOpenRegStreamA
SHSetValueA
StrChrA
StrSpnA
StrStrIA

Exports

Exports

DrawTextW_ME
HrInitUCScribe
SurfaceFlipNotify

Sections

.text
Size: 103KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ