8c558e36591a12fd0ac6e8e3e345a1fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c558e36591a12fd0ac6e8e3e345a1fc_JaffaCakes118
Size

172KB
MD5

8c558e36591a12fd0ac6e8e3e345a1fc
SHA1

f8fb6291958440ea849cbefc476cdd9cdab0f7d7
SHA256

b0bdc5c967718d54b072dffd950054420724b275ac1f7e7045685709ac1d87f3
SHA512

907da8ec62ef227205d047a4a0365a2e3294a695e416d54a899c3c2d6ef11126296e91178c3005c89d70476e218cfca7aab4db9072920a4422dde1d389cb50e7
SSDEEP

3072:75yPMdZy+j4exnmg2UiMeb1HftIpM/MI54b6zTkAAxq:75AMN4ejTeR1eM95/UT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c558e36591a12fd0ac6e8e3e345a1fc_JaffaCakes118

Files

8c558e36591a12fd0ac6e8e3e345a1fc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0948df27bdc78985a52f03b090054439

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
ExitThread
FindFirstFileA
FindResourceA
FreeLibrary
GetACP
GetCommandLineA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
VirtualFree
lstrlenW

msvcrt

strpbrk
printf
_XcptFilter
_cexit
vswprintf

user32

SetScrollInfo
PeekMessageA
GetSysColor
GetScrollInfo
GetMessageA
GetClassLongA
GetWindowRect

oleaut32

VarBstrCmp
SafeArrayDestroy

shlwapi

PathFindFileNameA
PathStripPathA
StrTrimA

Exports

Exports

GetCaptureDeviceFormat
UpdateFromAppChange

Sections

.text
Size: 105KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ