68e212335b1a847ca633a1672fea1c27_JaffaCakes118 | Triage

Sharing

General

Target

68e212335b1a847ca633a1672fea1c27_JaffaCakes118
Size

166KB
MD5

68e212335b1a847ca633a1672fea1c27
SHA1

d7899ac002d933d806069b0ef77f4b29414b23a2
SHA256

59cac77e052b35ef6440919abd2b5db723057b1615a19a16e9014795e74ab7b2
SHA512

18c2ae41b82c88dddfbea0899635e1796f18d6ae804192d2cdfdc8ad143468a162d71c32ca1f646e2e15bc394ba0fb175436e2a5549f3b08345c6436a50e3ef3
SSDEEP

3072:BTMGveXkM7Ocr4vQHSIYMbPSzFecD1wZk49nYtlesGD+HO:BTMGvekkOGKwMzjZwZk49wImHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68e212335b1a847ca633a1672fea1c27_JaffaCakes118

Files

68e212335b1a847ca633a1672fea1c27_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bdcc93ff7127447493a8b307a5d45050

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
FreeLibrary
GetProcAddress
EnumDateFormatsExW
LoadLibraryA
WideCharToMultiByte
Sleep
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalAlloc
GlobalFree

oleaut32

VARIANT_UserFree
CreateErrorInfo
VarUI1FromUI2
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 110KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ