7749339e367318ab7bbbc701236c3257_JaffaCakes118 | Triage

Sharing

General

Target

7749339e367318ab7bbbc701236c3257_JaffaCakes118
Size

56KB
MD5

7749339e367318ab7bbbc701236c3257
SHA1

8d8299a6cea3888c1b758af0ed18b6ea1a561114
SHA256

c4e0723bff3fbb98f8e661af8dcf69428686e0e8d73f8d525ceefc98ca33a514
SHA512

196de2e4b3f961bf4f7bdfbb569db6f73912766b3ac9d6a224f0ab7fec247cfbe7661659a5ecd0f67755952f64777b0fa76971352e5c9ef61d6ed2fc6def7c51
SSDEEP

768:n0zhd9fKg9F+Sx7JLHuLp2Kj/O8N98mpnpdA2loO0qZE1c/YTvsVEZWqxv68WXlC:0znVbHdJ0TbtHoovaZ7v6XQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7749339e367318ab7bbbc701236c3257_JaffaCakes118

Files

7749339e367318ab7bbbc701236c3257_JaffaCakes118
.dll windows:4 windows x86 arch:x86

78ab710bcfe935713b43aa368ccb2367

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
ExitProcess
FindClose
FindFirstFileA
FlushFileBuffers
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetExitCodeThread
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetSystemInfo
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
IsBadStringPtrA
LeaveCriticalSection
MultiByteToWideChar
OutputDebugStringA
PulseEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
TerminateThread
TlsAlloc
VirtualFree
lstrlenA

user32

SetWindowPos
GetMenuItemCount
BeginDeferWindowPos
EnableWindow
ClientToScreen
TrackPopupMenu

ole32

CoCreateInstance
StringFromGUID2
CreateAntiMoniker
CoCreateGuid

winmm

joySetThreshold
waveOutGetNumDevs
joyGetDevCapsW

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ