74989e1bf76875f15618f7e227a96729_JaffaCakes118 | Triage

Sharing

General

Target

74989e1bf76875f15618f7e227a96729_JaffaCakes118
Size

51KB
MD5

74989e1bf76875f15618f7e227a96729
SHA1

34eeb531d8c90d8c4ab565a2506a8600811a200b
SHA256

7aaf13852b058f1825c8dc37a946ea5b1c40038e14424d1dcbeb674aee6a1301
SHA512

9acb114b38f10cc529ad4f429a142359ebd7fb9bcdb1b38d0345d140fbecc37a3201ce9ad6006b0e309ebd859bab7a66282e54f391c74542fb4a432ce8dfe208
SSDEEP

768:2/u0ZkoiPwrgsxMrZlOkicSvNdhG5xw1xVW6EmUiBwq/rNJMqftrJto:2/NkniMFlOiiE5xw1xVWtiBjJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74989e1bf76875f15618f7e227a96729_JaffaCakes118

Files

74989e1bf76875f15618f7e227a96729_JaffaCakes118
.dll windows:4 windows x86 arch:x86

37c25964b262078b920d888e8461e18d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringW
CreateFileMappingA
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetConsoleMode
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetThreadContext
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
WideCharToMultiByte

msvcrt

malloc
strpbrk
_exit

user32

CreateMenu
ReleaseDC

oleaut32

SafeArrayDestroy
SysReAllocString

shlwapi

SHDeleteValueA
PathFindOnPathA
PathFileExistsA
SHEnumKeyExA
PathGetCharTypeA
SHDeleteEmptyKeyA
ChrCmpIA
PathAppendA
PathBuildRootA
PathCombineA

Exports

Exports

ReleaseUpdateListRef

Sections

.text
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ