488ac471da707ee1aa2bacfaed54172d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

488ac471da707ee1aa2bacfaed54172d_JaffaCakes118
Size

288KB
MD5

488ac471da707ee1aa2bacfaed54172d
SHA1

0aa8b50a6f9e3a2bee865f0229b27d0f3e9eaee4
SHA256

039fc9781a2356b08ace3e212d2b94624fbe29b747477c41cd88de6bc92b40ca
SHA512

f850c31540f5fb99165758d7aee50f0e55e534f710d919f484f0faec574b33aab7de422497b256e873a9dd8e523517425aa21d28208c8e613e4c3f470f7de5e3
SSDEEP

6144:zLHNH/gxolIb3bicjdnKvvuJgP8Ns7h1WwxKz2Q83gAAjMJ+l:FfH2fovqOSYs0KzY3tA7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488ac471da707ee1aa2bacfaed54172d_JaffaCakes118

Files

488ac471da707ee1aa2bacfaed54172d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

999a961f1d334bbb723675e0a711ec23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowOwnedPopups
SetFocus
LoadCursorFromFileA
LoadAcceleratorsA
GetMessageA
EndPaint
DialogBoxParamA
DestroyCaret
DeleteMenu
CreateMDIWindowA
CreateAcceleratorTableA
CharUpperA
CharNextA
ChangeMenuA

kernel32

lstrcatA
TlsGetValue
SetCurrentDirectoryA
GetFileSize
lstrcpyA

ole32

OleDuplicateData
OleCreateLinkToFileEx
OleCreateLinkToFile
OleCreateLink
OleFlushClipboard
CoInitializeSecurity
CoInitialize
CoGetTreatAsClass
CoGetStandardMarshal
OleGetAutoConvert
OleLockRunning
PropStgNameToFmtId
ReleaseStgMedium
CoRevertToSelf
CoCreateInstance
CoCreateGuid
CoGetClassObject
CoGetInstanceFromFile
CoGetInstanceFromIStorage
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoGetObject

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 257KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ