604b5d4a05a65472900efd546227518c_JaffaCakes118 | Triage

Sharing

General

Target

604b5d4a05a65472900efd546227518c_JaffaCakes118
Size

171KB
MD5

604b5d4a05a65472900efd546227518c
SHA1

416d78b2315c192ac30a28b37aa756743f7ffabe
SHA256

253aa9ffaf44f6c5d080e6868c568300e5d99083fd3494195bce9bb8030aed60
SHA512

2579c0c8c5e9926aa0ef82aa1f0f50cd6f514ef6b5f4091e4dc05bd8a4ac36414540f6fac61ec9c2e2bf96088dbca08900580e6e4b9e2de727ad5686cef1fb64
SSDEEP

3072:HqPtd4594CH7m96g2Qq5OZD6H7durmmrh7:Hb594Cm9LWOCZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
604b5d4a05a65472900efd546227518c_JaffaCakes118

Files

604b5d4a05a65472900efd546227518c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1eb23579c6f4c8117bd5f7cf90d0f1ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindClose
FindResourceA
GetACP
GetCommandLineA
GetConsoleMode
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrlenA

msvcrt

realloc
wcscat
wcslen
vswprintf

user32

GetPropA
GetParent
IsDlgButtonChecked
DrawIconEx
DestroyWindow
CreateWindowExA
PostQuitMessage
SetScrollInfo
SetWindowPlacement
FillRect
DrawMenuBar

oleaut32

OleIconToCursor
GetErrorInfo
ClearCustData
OleLoadPicturePath
OleTranslateColor
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCreate
SysFreeString
SysStringLen

shlwapi

ChrCmpIA
PathCombineA
PathFileExistsA
PathFindOnPathA
PathGetDriveNumberA
SHDeleteEmptyKeyA
SHDeleteValueA
SHOpenRegStreamA

Exports

Exports

CaptureFrame
NxCloseCooking

Sections

.text
Size: 104KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ