75b566b311ddfa9a2dc6e72a743c8ef0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75b566b311ddfa9a2dc6e72a743c8ef0_JaffaCakes118
Size

128KB
MD5

75b566b311ddfa9a2dc6e72a743c8ef0
SHA1

5a31bae200c29bd6b9ed0fb28c7674b328af072c
SHA256

b02ff4254f5ae65d6e2db3eb90d7240ba233e69c323d42f7738c9fcae72010b8
SHA512

88acf709b7f642341e9ab0c89ac62304cf6b50ac77c99c2d67de86f7e008c81b22377d851623e0ada0b0be7455b87e522838c3fdad023ce8c3160271733a5992
SSDEEP

3072:NQYQVFXE7K7y6mgsZNFXQb35mkJTLlnPAJEKEZlVauUH1:zQVO7KmgsPFXQj5mk9LlnPAJ1EZlVZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75b566b311ddfa9a2dc6e72a743c8ef0_JaffaCakes118

Files

75b566b311ddfa9a2dc6e72a743c8ef0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b4135000664b15e4b2d6bd6ef37b70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
IsBadReadPtr
MapViewOfFile
SetErrorMode
HeapAlloc

msvcrt

rand
free
__set_app_type
_XcptFilter
wcscat
wcslen

user32

GetWindowDC
GetWindowThreadProcessId
DialogBoxParamA

oleaut32

VarBstrCat
SysStringLen
SysFreeString
SetErrorInfo
SafeArrayCreate
SafeArrayAllocDescriptor
SafeArrayAccessData
RegisterTypeLi
OleLoadPicture
OleIconToCursor
ClearCustData

shlwapi

StrStrIA
SHEnumKeyExA
PathFileExistsA
ChrCmpIA
PathBuildRootA

Exports

Exports

ComPlusMigrate
GetNumCaptureDevices
GetUpdateCount
StopStreaming

Sections

.text
Size: 63KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ