a01b608aa4f455749af566432df9096f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a01b608aa4f455749af566432df9096f_JaffaCakes118
Size

140KB
MD5

a01b608aa4f455749af566432df9096f
SHA1

fdd6b2a75282ff889d9f309226ce5522bc5d6fb1
SHA256

3d5973a7199bd40a0ce71012a761eef4dfcd1d1593c4ff08d0ea300925c883f0
SHA512

69bbcdd5ba3cdddd5d55ec0e3bfbefd7c8a68c3b3a3934631e8fbf9e93f900957e9f74f5cfbd6d541c5ae5674ec4753532605dfb18e7e7a076d3048ac0fee756
SSDEEP

3072:oobLTUfUbNShizwKSiKTc8X00U+mD3U2P2FXL/:TkqchDZQnVLDR2FXT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a01b608aa4f455749af566432df9096f_JaffaCakes118

Files

a01b608aa4f455749af566432df9096f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f3d7873e1c9b18e968287fc2b074d4b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
SetLastError
UnmapViewOfFile
WaitForSingleObject
LocalFree
InterlockedIncrement
EnterCriticalSection
GetCommandLineA
CreateProcessA
LeaveCriticalSection
GetModuleFileNameA
GetLastError
InterlockedCompareExchange
GetTickCount
LoadLibraryA
Sleep
InterlockedDecrement
MapViewOfFile

ole32

OleSetContainedObject
CreateBindCtx
CoInitialize
CoUninitialize
OleCreate
CoCreateGuid

user32

GetClassNameA
CreateWindowExA
DispatchMessageA
GetSystemMetrics
GetParent
SendMessageA
RegisterWindowMessageA
GetMessageA
GetWindowLongA
DestroyWindow
SetTimer
PostMessageA
FindWindowA
DefWindowProcA
TranslateMessage
SetWindowLongA
KillTimer
PostQuitMessage

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

Exports

Exports

d3dMapSupport

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ