729e2a56ac282dbd64bf820a7248f220_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

729e2a56ac282dbd64bf820a7248f220_JaffaCakes118
Size

154KB
MD5

729e2a56ac282dbd64bf820a7248f220
SHA1

4ab8245a59315076acd1ff3d7a70af9fadd15faa
SHA256

5baecb12ac0579376e83682dc2c6f93155ea6479a7a9f6820bf828330711cf5d
SHA512

c1f889fc38382ff73a016f5418a52799bb1d4bb6a53262352efa7e36d3e3376f43dc626274ff13dc9ecaa5c677845216ad6e2a121128f3609a482d2dfd10dcc1
SSDEEP

3072:EeJYXzAbappwcyn05MnK7zuGy5lI0g0dZK1JJdmg0JHmfmy7rC8De:BJoA+pWcMQn7zUI0gkE1jqHmfmWrC8D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
729e2a56ac282dbd64bf820a7248f220_JaffaCakes118

Files

729e2a56ac282dbd64bf820a7248f220_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8163b3b6ff275f9ea8c06e4b728914fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GlobalUnlock
HeapAlloc
HeapCreate

msvcrt

srand
__p__commode
__p__fmode
vswprintf
strpbrk
sscanf
wcscpy
setlocale
malloc
exit

user32

EmptyClipboard
CreateDialogParamA

oleaut32

SafeArrayAllocData
SafeArrayAllocDescriptor
OleLoadPicturePath
SafeArrayCreate
SysFreeString

shlwapi

PathCombineA
PathAppendA
PathFileExistsA
PathGetDriveNumberA
SHDeleteValueA
StrRStrIA
StrSpnA
SHEnumKeyExA

Exports

Exports

CreateCaretMEUED

Sections

.text
Size: 75KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ