7387678b812485f016ce4cc9a25ec9a4_JaffaCakes118 | Triage

Sharing

General

Target

7387678b812485f016ce4cc9a25ec9a4_JaffaCakes118
Size

160KB
MD5

7387678b812485f016ce4cc9a25ec9a4
SHA1

c3a274aa305a1095cf632efebeff1307002e2791
SHA256

c3a6c040e4740e15b80089e6e44c726f45a0970b7f8ea63d37f047d2f584c6b2
SHA512

ed2e01f733ae05a0b89fe73f18c2b7c7b63a93006e770a5ebfa06f3c56b6de4c3d777ef523e47161772e0a993d14776724c84f28c10a06b3f23e7fa377173b1b
SSDEEP

3072:BndLZGQ1Jl+J+Pp/d3xMJh988TLtTVoFUCO5x+yBF8SXIUmQ/:BnpZGiw+1dSHDNTVV5x+yBF8SX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7387678b812485f016ce4cc9a25ec9a4_JaffaCakes118

Files

7387678b812485f016ce4cc9a25ec9a4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c04cfe34120a27b6430f224a4476034

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
FindResourceA
FormatMessageA
GetACP
GetCommandLineA
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeZoneInformation
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
VirtualAlloc
lstrcpyA
lstrlenA

user32

InvalidateRect
GetUserObjectSecurity
DrawEdge
CreateDialogParamA
ClientToScreen

comdlg32

PageSetupDlgA
FindTextA

Exports

Exports

D3DBreakVBLock

Sections

.text
Size: 99KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ