a766173310c36a026d3af27599e9475f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a766173310c36a026d3af27599e9475f_JaffaCakes118
Size

268KB
MD5

a766173310c36a026d3af27599e9475f
SHA1

f4470028a178bd070c06d1efd18281ecc4a53479
SHA256

c69e11e81548dc920fa2ede5370b635166f9487c97560a102661da738caa74ce
SHA512

4b4c319dd8eeb8eef77781b5ddc7daceeafee8425ffff39af46c10a6ac3b2c56bee779c9b78852b45085b9088e44be9a7eb5049bf741e55ed31ae05aa78a108b
SSDEEP

6144:n377XvRmFXZOkp8iyKoXgtwJsGRcZ2XDCDWwLkufDTJA5l:P/RmPOkp1VsmqcZ2zNw7J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a766173310c36a026d3af27599e9475f_JaffaCakes118

Files

a766173310c36a026d3af27599e9475f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

542d422853ab5283ae75c44780d29a4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
CloseHandle
HeapAlloc
GlobalHandle
SearchPathW
ExitProcess
GetStartupInfoA
GetOEMCP
GetFileAttributesA
SetCurrentDirectoryA
WideCharToMultiByte
GetModuleHandleA
InterlockedIncrement
VirtualProtect
SetStdHandle
GetConsoleOutputCP
SetLastError
LoadLibraryW
SetConsoleCP
InterlockedExchange
TlsAlloc
LoadLibraryA
GetProcAddress
GetFullPathNameW
GetSystemDirectoryW
GlobalAlloc
GetModuleFileNameW
GlobalFree
ExitThread
Sleep
GetEnvironmentVariableW
OutputDebugStringW
RtlUnwind

msvcrt

_wcsnicmp
strncmp

advapi32

RegCloseKey
CryptReleaseContext

gdi32

LPtoDP
SetViewportOrgEx

ole32

CoTaskMemRealloc

user32

GetDC
EqualRect
EndDialog
CheckMenuItem

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 218KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ