8ced4ed38240b7536703f3d1cece67fe_JaffaCakes118 | Triage

Sharing

General

Target

8ced4ed38240b7536703f3d1cece67fe_JaffaCakes118
Size

153KB
MD5

8ced4ed38240b7536703f3d1cece67fe
SHA1

c70a81c4f461da95201c75dc51f4973f32d919bb
SHA256

4b28e246ca7e71173d6872b866e238ba8063934bb0347fe56cb416ed5115a249
SHA512

1c90e5857795ed03f2edba41a74bafe9c49f33e6c912d20692fa769439c14d4f3ccc557edb513e7ffea3e560e0783f9bd7fd8057822aa56bf51b37f55b62aa20
SSDEEP

3072:c22BMxB1BK9Ql5hGebDhNcFVWzZLUSl2U8M8JGNsjht/hBYosS7:l20BWt3F0zNmU8hJGNufphsS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ced4ed38240b7536703f3d1cece67fe_JaffaCakes118

Files

8ced4ed38240b7536703f3d1cece67fe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e23f15c9403413699f5c1a9c2dc7af0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetUserDefaultLCID
GlobalLock
HeapAlloc
HeapCreate
IsBadReadPtr
MulDiv
SearchPathA
SetPriorityClass
SetThreadAffinityMask
SetUnhandledExceptionFilter
lstrcatA

msvcrt

_stricmp
time

user32

AppendMenuA
DefDlgProcA
ExitWindowsEx

oleaut32

OleIconToCursor
VarBstrCmp
SysFreeString
SetErrorInfo
SafeArrayAllocDescriptor
SafeArrayAllocData
RegisterTypeLi
ClearCustData

shlwapi

SHDeleteEmptyKeyA
SHEnumKeyExA
SHOpenRegStreamA
StrRStrIA
StrStrIA
PathCombineA

Exports

Exports

FlushD3DDevices
W32N_CloseAdapter

Sections

.text
Size: 74KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ