683df0a7c4ee70223a39da3ebbf128ec_JaffaCakes118 | Triage

Sharing

General

Target

683df0a7c4ee70223a39da3ebbf128ec_JaffaCakes118
Size

157KB
MD5

683df0a7c4ee70223a39da3ebbf128ec
SHA1

bca62a387c3b75af612c1a6b5dfb22d0d0ddb9eb
SHA256

0dea499a927f038c54d2357ac8b8cabe6ae6af237a720c77f640279c1dca23ec
SHA512

bcc9a18bd42403a314091aa0ae4cf09bbf5bb9ec908f0ac009123c519901a7b7318cddee49420128c42db3915b3c2cd167a7200fe83a6b899507e5235790f2fc
SSDEEP

3072:HseJUD2w9+5bQPmvn28C/eBsX+DbNRF0O9T45aQBvmsIUdTNKBWk:HBJUDuRQPmvg/eBxb90O94EkmsIWTA8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
683df0a7c4ee70223a39da3ebbf128ec_JaffaCakes118

Files

683df0a7c4ee70223a39da3ebbf128ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f8fbcc15043db68afbdb9002945390d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
InterlockedDecrement
OpenProcess

msvcrt

_wcsicmp
isdigit
malloc
rand
vswprintf
wcscmp
wcslen
free

user32

EmptyClipboard
BeginDeferWindowPos
ReleaseCapture
InflateRect
GetWindowTextA
GetMessageA
GetMenuItemCount
GetDlgItem
CreateIconIndirect
GetClassNameA
DestroyIcon

oleaut32

OleLoadPicture
OleIconToCursor
OleLoadPicturePath
OleTranslateColor
VarBstrCat
SafeArrayAllocDescriptor
SafeArrayAccessData

shlwapi

SHEnumKeyExA
StrChrA
SHOpenRegStreamA
SHDeleteEmptyKeyA

Exports

Exports

Direct3D_HALCleanUp
HrGetFontFallback
SelectionBoundsMEUED

Sections

.text
Size: 73KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ