7336ba1c2ef1f4a2c18b8735e70f0945_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7336ba1c2ef1f4a2c18b8735e70f0945_JaffaCakes118
Size

168KB
MD5

7336ba1c2ef1f4a2c18b8735e70f0945
SHA1

0dade60eca3fa8d181db451f8c18e6c626d30a1c
SHA256

5c87786da1350a29462a15bc597c22b83bb89149142557d0949cba79c119bd28
SHA512

9abb1ebd00c39295136cb872dd393e8e077766124b9063b5b2e7b4904a8fac1d1467f0b13ea086a8a6b96288136c8f10164bb12f755e0632c8c148d3d7c4d3ec
SSDEEP

3072:/2P12Iw/u7/88UMw8eyiA4OYtmTOVjp9DZtsrGIfxVEin8A1V/o/F:e12Iw/ubPU6LCNtUOVjjDuGYVERGZo/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7336ba1c2ef1f4a2c18b8735e70f0945_JaffaCakes118

Files

7336ba1c2ef1f4a2c18b8735e70f0945_JaffaCakes118
.dll windows:4 windows x86 arch:x86

30d9085a3289e9eaa9ca24c0327794b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindFirstFileA
FindResourceA
GetACP
GetCommandLineA
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeA
GetStringTypeW
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
IsValidLocale
MultiByteToWideChar
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
WriteFile
lstrcmpiA
lstrcpyA

msvcrt

__getmainargs
__p__commode
__set_app_type
_wcsicmp
exit
fprintf
isdigit
srand

user32

ReleaseDC
OffsetRect
ChildWindowFromPoint
GetWindowTextA

ole32

StringFromGUID2
CreateBindCtx
CoTaskMemAlloc
CoCreateInstance
CoBuildVersion

Exports

Exports

D3DFree
DrawTextWCP_ME
FSimpleStr
ReleaseUpdateListRef
W32N_OpenAdapterA
W32N_PacketReadEx

Sections

.text
Size: 87KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ