729b81bf5b73e4b954d7765e2a7f7a52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

729b81bf5b73e4b954d7765e2a7f7a52_JaffaCakes118
Size

171KB
MD5

729b81bf5b73e4b954d7765e2a7f7a52
SHA1

b415ba9409a7cc4860c8f7432d1a0ca76ba8f82a
SHA256

9dfad92025fcc0dad1a441103261bb07a0ff20bc9c319e737f2fd74ba741a821
SHA512

6ceb0ace630132e5c2a6f7935de40d5b655369fec550f7acbdc7ffa1989805ba6a6abaf43946f1189eff1fa7ca9fe58a4bc66f17480ae09bf54ba96cc2eb5140
SSDEEP

3072:6quTudVaNtdQX3x66Zi0wqILUUJqRb/6kKRD/VOqS9oSSYl7KCpFRFzd39:6quTuzaNtdQomXI1Jqx/uxOqSIiBb3z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
729b81bf5b73e4b954d7765e2a7f7a52_JaffaCakes118

Files

729b81bf5b73e4b954d7765e2a7f7a52_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1eb23579c6f4c8117bd5f7cf90d0f1ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindClose
FindResourceA
GetACP
GetCommandLineA
GetConsoleMode
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrlenA

msvcrt

realloc
wcscat
wcslen
vswprintf

user32

GetPropA
GetParent
IsDlgButtonChecked
DrawIconEx
DestroyWindow
CreateWindowExA
PostQuitMessage
SetScrollInfo
SetWindowPlacement
FillRect
DrawMenuBar

oleaut32

OleIconToCursor
GetErrorInfo
ClearCustData
OleLoadPicturePath
OleTranslateColor
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCreate
SysFreeString
SysStringLen

shlwapi

ChrCmpIA
PathCombineA
PathFileExistsA
PathFindOnPathA
PathGetDriveNumberA
SHDeleteEmptyKeyA
SHDeleteValueA
SHOpenRegStreamA

Exports

Exports

DrawTextExW_ME
InitializeStreaming

Sections

.text
Size: 103KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ