78c1e65df3497090eef9166aa5ac1164_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78c1e65df3497090eef9166aa5ac1164_JaffaCakes118
Size

169KB
MD5

78c1e65df3497090eef9166aa5ac1164
SHA1

2e934606cd29df7c93daac683df16c599a6fb0a8
SHA256

fc101717b387ce83d1be334356eb9ba23d1e635634bfa816900cca6f108a5494
SHA512

5e4dd69f13fbee4db5f3da5ea46698b1c6b3146e30a6a8c7c9ba9ec97cd67059edd73f52d8f70327eb79919e38762e4a16bbc4c2420221fd0344a2483cbea618
SSDEEP

3072:Y+E/NNcqQQcaZdpsxg9/7l74Zqxb7r4XSqpdIw5trXCQIiUIOm5iF:Y+HQ12+4ZO7UXBpV5lSidO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78c1e65df3497090eef9166aa5ac1164_JaffaCakes118

Files

78c1e65df3497090eef9166aa5ac1164_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5cc4cfaa3f99ac9276b615638e1fd139

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringW
DeviceIoControl
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetCurrentThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeZoneInformation
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
InitializeCriticalSection
MultiByteToWideChar
OutputDebugStringA
RtlUnwind
SetEndOfFile
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
TerminateThread
lstrcatA

msvcrt

_cexit
fwprintf
rand
wcscmp
_stricmp

user32

FillRect
GetWindowLongA
LoadIconA
UpdateWindow
CreatePopupMenu

oleaut32

SetErrorInfo
OleLoadPicture
OleIconToCursor
GetErrorInfo
VarBstrCmp
VarBstrCat
SysReAllocString
OleLoadPicturePath
SafeArrayAllocDescriptor
SafeArrayAccessData
RegisterTypeLi
ClearCustData

shlwapi

StrStrA
StrToIntA
PathStripPathA

Exports

Exports

SurfaceFlipNotify
VersionNumberUCScribe

Sections

.text
Size: 100KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ