73546fd800d0fb3b6787fa2c5003b5b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73546fd800d0fb3b6787fa2c5003b5b9_JaffaCakes118
Size

154KB
MD5

73546fd800d0fb3b6787fa2c5003b5b9
SHA1

9779d4b97736bac9307b61c48bd58a72561d5ac0
SHA256

9a91fadd1896570ffe31b29b44e68c5e8e13d53d39dcd04f18d55a2eaf57f40f
SHA512

05517ff2f966becf2859da1fa4be8ea9f0b8b2460cea0608bd777eaee3d5dedd6988d5950c0ccfaac2877aa353ca2c0fc3a02fef6544c135123e36c5f3ac571a
SSDEEP

3072:9nn1GoSFYai7ySr5whRznrGUEDc9Reznza5e0TmuE9oWKn:9njQi7Xmfenc9Rinza5pSuEV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73546fd800d0fb3b6787fa2c5003b5b9_JaffaCakes118

Files

73546fd800d0fb3b6787fa2c5003b5b9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f8fbcc15043db68afbdb9002945390d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
InterlockedDecrement
OpenProcess

msvcrt

_wcsicmp
isdigit
malloc
rand
vswprintf
wcscmp
wcslen
free

user32

EmptyClipboard
BeginDeferWindowPos
ReleaseCapture
InflateRect
GetWindowTextA
GetMessageA
GetMenuItemCount
GetDlgItem
CreateIconIndirect
GetClassNameA
DestroyIcon

oleaut32

OleLoadPicture
OleIconToCursor
OleLoadPicturePath
OleTranslateColor
VarBstrCat
SafeArrayAllocDescriptor
SafeArrayAccessData

shlwapi

SHEnumKeyExA
StrChrA
SHOpenRegStreamA
SHDeleteEmptyKeyA

Exports

Exports

ComPlusMigrate
GetNumCaptureDevices
GetUpdateCount
StopStreaming

Sections

.text
Size: 75KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ