8991712b61b4e47216b8e2f39d5d1fb8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8991712b61b4e47216b8e2f39d5d1fb8_JaffaCakes118
Size

165KB
MD5

8991712b61b4e47216b8e2f39d5d1fb8
SHA1

c51fe464e81c0f5e5dfb6a5e6ace5724f48a2aad
SHA256

b0040ab7d3055e1ca36d432d93fd29437c5e2678e8bb8a36d069d197b0f875d2
SHA512

c39c68232dede8845bc8e589936500ce426dd678b495fae74b18eb27928beb7d924cab5f0ff950a935c11f5a738ac320a31f42848a99a51da11b44abeab49df5
SSDEEP

3072:uZRebrwbHa1/jRoou2mLGsAsRGPLmAaCVHr0sedg1pssyfQJDDKhrDehwl:u+M5ouRL8s/CVg9iDlJXKVDl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8991712b61b4e47216b8e2f39d5d1fb8_JaffaCakes118

Files

8991712b61b4e47216b8e2f39d5d1fb8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fa283933f7851ebe370d89f9a866cb66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
FreeLibrary
GetProcAddress
EnumCalendarInfoExA
LoadLibraryA
WideCharToMultiByte
DeleteFileA
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile

oleaut32

VARIANT_UserFree
CreateErrorInfo
VarUI1FromUI4
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 104KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ