5ddca26be024b2e69d24e486e797e27d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ddca26be024b2e69d24e486e797e27d_JaffaCakes118
Size

142KB
MD5

5ddca26be024b2e69d24e486e797e27d
SHA1

251c096e7d9836fa982ff249551b3d2f6ad6b0a4
SHA256

b11edfcc54e87201c09be85ffe43a2e08c78133c8646a2a7d71d34772948cf35
SHA512

d47c8f144e83a002fd82b78a66028a18883926bf4d736ee79e9360c5cd97204802fcdc411e7d40bdfcce78325a48105652c0b82cf3e7c43c85cac0e6a922febe
SSDEEP

3072:glFCMv69PKBDbCon9ySrBBe4gYDrbTa3QHKsrAA:7Mv6Do0wBe4gYDrbTGPd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ddca26be024b2e69d24e486e797e27d_JaffaCakes118

Files

5ddca26be024b2e69d24e486e797e27d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e23f15c9403413699f5c1a9c2dc7af0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetUserDefaultLCID
GlobalLock
HeapAlloc
HeapCreate
IsBadReadPtr
MulDiv
SearchPathA
SetPriorityClass
SetThreadAffinityMask
SetUnhandledExceptionFilter
lstrcatA

msvcrt

_stricmp
time

user32

AppendMenuA
DefDlgProcA
ExitWindowsEx

oleaut32

OleIconToCursor
VarBstrCmp
SysFreeString
SetErrorInfo
SafeArrayAllocDescriptor
SafeArrayAllocData
RegisterTypeLi
ClearCustData

shlwapi

SHDeleteEmptyKeyA
SHEnumKeyExA
SHOpenRegStreamA
StrRStrIA
StrStrIA
PathCombineA

Exports

Exports

FlushD3DDevices
W32N_CloseAdapter

Sections

.text
Size: 74KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ