a837c02f3d07536014eb2904cd10dfbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a837c02f3d07536014eb2904cd10dfbe_JaffaCakes118
Size

161KB
MD5

a837c02f3d07536014eb2904cd10dfbe
SHA1

00db6eb78d9f52b38aa31688d7e30985bad0732b
SHA256

b224224d03dcf9b54c3716dda40a90f747e821eea70e2f2d2bac628e1ed631ae
SHA512

139b5f8aa41ece4942f0a8a003eeabdfa20860855c7c1849204feedae5173e8e9f4a1313184c00821b97404de65ca83e32f32da0dc39c37c2dee34dd637570c6
SSDEEP

3072:h6J97/Lz9UQJzXDQBGYVADodDACM4WKOTxqTVHNVIBmq3MDswV9/LUlMt:hwV39UgzXDQ2DCMuGxKt7KEeM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a837c02f3d07536014eb2904cd10dfbe_JaffaCakes118

Files

a837c02f3d07536014eb2904cd10dfbe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

69c934683b831ea0b811ff1b343a0253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GlobalUnlock
HeapAlloc
HeapCreate
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetThreadAffinityMask
SetUnhandledExceptionFilter

msvcrt

__p__commode
__set_app_type
malloc
realloc
strspn
__p__fmode

user32

FindWindowExA
GetFocus
DefDlgProcA
GetPropA
LoadIconA
LoadImageA
SendMessageA
ShowWindow
EndPaint
DestroyIcon

oleaut32

SysStringLen
ClearCustData
OleLoadPicture
OleLoadPicturePath
OleTranslateColor
RegisterTypeLi
SetErrorInfo
SysFreeString
VarBstrCat
GetErrorInfo
SysReAllocString

shlwapi

PathFileExistsA
PathFindOnPathA
SHOpenRegStreamA
SHSetValueA
StrChrA
StrSpnA
StrStrIA

Exports

Exports

GetUpdateCount
W32N_OpenAdapterA

Sections

.text
Size: 103KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ