7602749fbe11d2f9ab277245ab6487d5_JaffaCakes118 | Triage

Sharing

General

Target

7602749fbe11d2f9ab277245ab6487d5_JaffaCakes118
Size

171KB
MD5

7602749fbe11d2f9ab277245ab6487d5
SHA1

b886701f61783b53f84646e55f415f743a03e363
SHA256

4473275d1ea8d334a9f45ced3cd5eb48147458e3a328d1e5534efd4a0354ff09
SHA512

3e2d7598a26c6d4d1d5b359ba9d8d38833f4c5aeb06edce30346b30b6073d8a9ad10c68c6054fe35b201aeadadb32f12f79c055264153d57d208654bc3584bb6
SSDEEP

3072:IKLLvqt6i2oagqnEBBzlsR6ysZtxunSr3Lw6l4BzCQhbe:IKvqt92owE66xZtxuSDll4Bzj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7602749fbe11d2f9ab277245ab6487d5_JaffaCakes118

Files

7602749fbe11d2f9ab277245ab6487d5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e271380fcd804dd6c7378704ad47c306

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
ExitThread
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetStartupInfoA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrcpynA

msvcrt

realloc
_exit
srand
vswprintf
_cexit

user32

ReleaseCapture
RegisterClassExA
DialogBoxParamA
ClientToScreen
PostMessageA
LoadImageA
GetWindowDC
GetUserObjectSecurity
GetMenuItemCount
GetUpdateRgn

oleaut32

SysStringLen
SafeArrayAccessData
VarBstrCat
OleTranslateColor
SetErrorInfo
SafeArrayCreate

shlwapi

StrStrA

Exports

Exports

DrawTextExW_ME
InitializeStreaming

Sections

.text
Size: 104KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ