75e713b90342b666a1789d5dddf01cb3_JaffaCakes118 | Triage

Sharing

General

Target

75e713b90342b666a1789d5dddf01cb3_JaffaCakes118
Size

153KB
MD5

75e713b90342b666a1789d5dddf01cb3
SHA1

bcd733b69e73c52f27fffa8bb3f2384fae8c51fa
SHA256

bda00ec9febc3d8aa53981f7c3306bf5604e2b48ff76d54cb600122b403a97bf
SHA512

8adbe78ded5c4de4e8dd7ac4e3b056ca3418ffe27756f1fb3a6667648031e52761c94aaef86fe2b1a5aee5f693c981fa748e21066e16b3684e684d9594b5cc01
SSDEEP

3072:JfBlnYTp37Be8/EJDDFEToNFHjr2c4YSxjtJE:JZlYTprY8ccToe9X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75e713b90342b666a1789d5dddf01cb3_JaffaCakes118

Files

75e713b90342b666a1789d5dddf01cb3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7965beef1ad678b76dbbced461f61e1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FatalAppExitA
FileTimeToSystemTime
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
lstrcmpiA
lstrlenA

msvcrt

setlocale
__p__commode
__p__fmode
_cexit
_except_handler3
wcscpy
wcscmp
wcscat
rand
isdigit
_exit

user32

ExitWindowsEx
MoveWindow
GetDoubleClickTime
CheckRadioButton

oleaut32

SafeArrayDestroy
OleTranslateColor
RegisterTypeLi
VarBstrCat
SysFreeString
SetErrorInfo
OleIconToCursor
SafeArrayAccessData
SafeArrayCreate

shlwapi

ChrCmpIA
SHEnumKeyExA
StrStrIA

Exports

Exports

CheckMemoryGates
CloseWZCDbLogSession

Sections

.text
Size: 73KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ