8ab8a0e60ac048caf6e847c168f34385_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ab8a0e60ac048caf6e847c168f34385_JaffaCakes118
Size

163KB
MD5

8ab8a0e60ac048caf6e847c168f34385
SHA1

e31cdec7c8df238cb54b94ec661e056891033bfc
SHA256

75825a5c8fc5e72c7cc522e81e8a1e38d45f29441d62094f432ba0d0c32a3391
SHA512

28b0ab4b6ae42ac7d37cb794a8e651c5a7d4d38dab1d39d6ad076ba517179f3af9ace3e96f3b7b1443abe2f337bd6677d903e74f2bf8e8da4dc8d4396254af7b
SSDEEP

3072:XBb+1dyiv3vYIoV8zTgaQ/4VFjg3i55Noknvss4:XBb+Hyup5dV5iiz7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab8a0e60ac048caf6e847c168f34385_JaffaCakes118

Files

8ab8a0e60ac048caf6e847c168f34385_JaffaCakes118
.dll windows:4 windows x86 arch:x86

39743b874bad1c52894109aa848f1f70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
InterlockedExchange
IsValidCodePage
MultiByteToWideChar
OpenEventA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
WideCharToMultiByte

msvcrt

strspn
__getmainargs
__set_app_type
_except_handler3
exit
fprintf
__p__commode
strpbrk

user32

UnionRect
ModifyMenuA
KillTimer
EnableWindow
DialogBoxIndirectParamA

oleaut32

VarBstrCat
SafeArrayCreate
SafeArrayAccessData
RevokeActiveObject
RegisterTypeLi
OleTranslateColor
OleLoadPicturePath
OleIconToCursor
GetErrorInfo

Exports

Exports

CancelUpdateCheck
PaletteAssociateNotify
RichInkFilterDirect

Sections

.text
Size: 86KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ