620a1e78b389d5e4af97b8de8d499de2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

620a1e78b389d5e4af97b8de8d499de2_JaffaCakes118
Size

180KB
MD5

620a1e78b389d5e4af97b8de8d499de2
SHA1

bf62f02ac78713f5dbed31bbe103b0fe43c3d6c6
SHA256

8772d0145595c64cf73d44ca0030081402f9e1257d82ef37625e373a38c72299
SHA512

831ba32bfda0f8c769c6416a6cf118b97ca6b49cca1855619cdd130b6331bcabe6ae6bceaa8418d511ff96326a6d47f141191c7fa1ecd36d02061caa3f15b212
SSDEEP

3072:9YLtHSkq3pRrFsDpIXKz9gUqpYqkneqCHoe8bUhHLeZWGq:9YVaRrGDwUqfLLobb6Lg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
620a1e78b389d5e4af97b8de8d499de2_JaffaCakes118

Files

620a1e78b389d5e4af97b8de8d499de2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd3ce8222a3790ae8ce662870b07317f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
InitializeCriticalSection
InterlockedIncrement
MultiByteToWideChar
OpenEventA
ReadFile
ReadProcessMemory
RtlUnwind
SetConsoleCtrlHandler
SetLastError
SetUnhandledExceptionFilter
WriteConsoleW
WriteFile
lstrcpyA
lstrcpynA

user32

DialogBoxParamA
GetSysColor
GetWindowThreadProcessId
CloseClipboard
PtInRect
ReleaseCapture
TrackPopupMenuEx
CheckRadioButton
IsZoomed
BeginDeferWindowPos

oleaut32

SafeArrayAccessData
SysFreeString

Exports

Exports

GetCDRWErasingTime
SetDesiredUDFPartitionType

Sections

.text
Size: 111KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ