67f5639c25bd9ae946ced707a99f3148_JaffaCakes118 | Triage

Sharing

General

Target

67f5639c25bd9ae946ced707a99f3148_JaffaCakes118
Size

130KB
MD5

67f5639c25bd9ae946ced707a99f3148
SHA1

2b41f53762c1d4c9da95950fb35d85f866fdae90
SHA256

64c5bd0ce954e19a60f71817a876cb3ca2061459a4fabd53d058114d676f9a8d
SHA512

1dbe3a851f753ede27c68798b05c2094efdc3595119bbba9b6c888a3ca20ad19dc525e34c4312affc3adc054f2f7d4a03364d2d18c83652b538fde3b1b7a9b1c
SSDEEP

3072:MHKrd4j924tkd/xjFmaUpAycwI+kirw8wReX2H6:MHy2D2pAcwQ0vK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67f5639c25bd9ae946ced707a99f3148_JaffaCakes118

Files

67f5639c25bd9ae946ced707a99f3148_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0234660f8f02c580036549c26e62af72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
GetLocaleInfoA
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
SearchPathA
SetHandleCount
SetPriorityClass
TlsFree

msvcrt

sscanf
__set_app_type
_except_handler3
_exit
exit
fprintf
wcscpy
vswprintf
__p__fmode
realloc
isdigit

user32

GetWindowRect
LoadIconA
PeekMessageA
SetWindowPos
DefWindowProcA
GetWindowLongA

oleaut32

OleLoadPicturePath
RevokeActiveObject
SafeArrayAllocData
SetErrorInfo
OleIconToCursor
SysFreeString
VarBstrCat

shlwapi

PathAppendA
PathCombineA
PathFindOnPathA
PathGetCharTypeA
SHEnumKeyExA
SHQueryInfoKeyA
SHSetValueA
StrStrA
SHDeleteEmptyKeyA

Exports

Exports

CaptureDeviceDialog
Direct3DCreateDevice
GetNewCatalog
MIDL_user_free

Sections

.text
Size: 65KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ