6acf5fa32cee11ec801e805161cfce0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6acf5fa32cee11ec801e805161cfce0b_JaffaCakes118
Size

178KB
MD5

6acf5fa32cee11ec801e805161cfce0b
SHA1

fcd211bc4ba806a6030b5a2649525f81335934af
SHA256

339658e095e342b0f00aa42f020354df75e06374e8656caf44e444b2703712ec
SHA512

e4f76cb11eca7ba572bc04ee3434da62c6624f6a6a4c82ef267e0db3ecaffa1d93eb5862a27b888b33facb1db03db02074661526326b21533d56c305d5621886
SSDEEP

3072:Iy8Hj+tvumfdggw19rDxFNui08cHh1KQU5FfHDnFpzbqz8mZv:I96lumS1ZdT08cB1K/HDFpzN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6acf5fa32cee11ec801e805161cfce0b_JaffaCakes118

Files

6acf5fa32cee11ec801e805161cfce0b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3eaaf277a78ad676e4d907885cd68d70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
DuplicateHandle
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
lstrcmpA

user32

WindowFromPoint
SetClassLongA
FrameRect
DrawTextA

ole32

CLSIDFromString
CoBuildVersion
CoCreateInstance
CoGetMalloc

oleaut32

VarBstrCmp
RegisterTypeLi
OleLoadPicture
GetErrorInfo

Exports

Exports

EnumRelCamSettingNext
GetCDInfo
MemcpyFromArray

Sections

.text
Size: 109KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ