6563ca1208d21121bed154da8a8fc678_JaffaCakes118 | Triage

Sharing

General

Target

6563ca1208d21121bed154da8a8fc678_JaffaCakes118
Size

170KB
MD5

6563ca1208d21121bed154da8a8fc678
SHA1

a3636702fb857bcdfdc3e7c3a8d16ab0b3f8b45f
SHA256

2deab9c3902e5b2aecb26bfd4fe13b060d5b60e5466b6a371c74107a0310fe2c
SHA512

3542f8bddaca0b27a556564bc4ee66facf3dbdb9b377c3ee6fd0e4c8e30414cb541b7ea527964a0ccc6ad4f9cd334720b806305cb24ff0bbf2fc3975ab94997f
SSDEEP

3072:oY14zgcHQ7drnGpkSRbuTV3M3VLFNJeOQu7yPZx0+tX6Zh//wo:odz3Q7drWkSRbgM3TNjEHHKTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6563ca1208d21121bed154da8a8fc678_JaffaCakes118

Files

6563ca1208d21121bed154da8a8fc678_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2c2d0b9c1fa05cf4747e4c3a56dc4feb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FileTimeToSystemTime
FindFirstFileA
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
MapViewOfFile
MultiByteToWideChar
OpenProcess
ReadProcessMemory
RtlUnwind
SetEndOfFile
SetFilePointer
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
TerminateThread
TlsGetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
lstrlenW

msvcrt

__p__commode
__set_app_type
exit
fwprintf
printf
__getmainargs

user32

SetUserObjectSecurity
RegisterClassExA
IntersectRect
GetWindowTextA
GetClientRect
OpenClipboard
TranslateMessage

ole32

CreateBindCtx
CoTaskMemRealloc
CoFileTimeNow
CoCreateInstance
CLSIDFromString

Exports

Exports

GetCatalogObject2
W32N_DisableLoopback

Sections

.text
Size: 89KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ