a2fe74376dfd0129d8beeba76a915005_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2fe74376dfd0129d8beeba76a915005_JaffaCakes118
Size

144KB
MD5

a2fe74376dfd0129d8beeba76a915005
SHA1

348072140fac40bee3cf33a56cb48d55bcc167d9
SHA256

28451426d14efbb228bd2ea48c0efa27b2c636515909fb7e3b9983d8d731c2f3
SHA512

9ad50bdb3b0b6594c89463a047408b299d583f2bb3938616c0c6ec52812570ed5cb8ebbd926d1665ead8fba2bf48ba39e7fe7674f425458a23c894f43e9bf777
SSDEEP

3072:I/hFUY2rA3CGncwtWiHzSESpY6lUNL/0um/Y7dfZ59:IJ2n9pKHzi2NL0uH7dR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2fe74376dfd0129d8beeba76a915005_JaffaCakes118

Files

a2fe74376dfd0129d8beeba76a915005_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d396fd01044369c9889d41efeb6ec463

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
ReadProcessMemory
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
SizeofResource
TlsFree
TlsSetValue

msvcrt

__getmainargs
__p__commode
__p__fmode
__set_app_type
exit
fprintf
realloc
wcslen

user32

EnumWindows
GetClassNameA
GetMenuItemCount
GetSubMenu
MessageBoxA
SetClipboardData

winmm

mmioSendMessage
mmioStringToFOURCCA
sndPlaySoundA
timeBeginPeriod
mmioOpenA

Exports

Exports

W32N_GetLastError

Sections

.text
Size: 93KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ