6832623ae0ce351ed77ca8d65fa8cc00_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6832623ae0ce351ed77ca8d65fa8cc00_JaffaCakes118
Size

171KB
MD5

6832623ae0ce351ed77ca8d65fa8cc00
SHA1

0886f0eb16a8227b8b6a10ea3977cc9233d73abe
SHA256

9e9237fe6198c8136d3c9c33d953847947ed778c7295c7655abe1e09cd362001
SHA512

47c6d16f9ec6ad4dcfa828df1c364aaa256f0947c5ed1755127dae355a769bdc89a2e1c0cce33b939021ca668a24dcc8bb0142cdf17d0e344903a4fe245033e6
SSDEEP

3072:lR7rR/mm+CzE7pjcE2PIvhEca8JGkR94agf95vuWQETJ:/x/ro1EuhFaGGkj4Hf9ln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6832623ae0ce351ed77ca8d65fa8cc00_JaffaCakes118

Files

6832623ae0ce351ed77ca8d65fa8cc00_JaffaCakes118
.dll windows:4 windows x86 arch:x86

393d04897c90543f2b306a92a7b8a759

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
ExitProcess
FindResourceA
FreeLibrary
GetACP
GetCommandLineA
GetEnvironmentStringsW
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapCreate
LoadResource
LockResource
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateThread
lstrcmpA
lstrlenW

msvcrt

wcslen
__set_app_type
free
realloc
strpbrk
time
wcscmp
_cexit
wcscpy

user32

UnionRect
TrackPopupMenu
InvalidateRgn
GetSysColor
GetDesktopWindow
CheckMenuRadioItem

oleaut32

RevokeActiveObject
SafeArrayAllocDescriptor
SetErrorInfo
SysReAllocString
ClearCustData

shlwapi

SHQueryInfoKeyA
SHSetValueA
StrStrA
PathGetDriveNumberA

Exports

Exports

DrawTextExW_ME
OpenComponentLibraryOnMemEx
USetKBLangFromTypeMEUED

Sections

.text
Size: 107KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ