aab6df5c6f07cbb12ffdcefa8c762efd_JaffaCakes118 | Triage

Sharing

General

Target

aab6df5c6f07cbb12ffdcefa8c762efd_JaffaCakes118
Size

48KB
MD5

aab6df5c6f07cbb12ffdcefa8c762efd
SHA1

4db033cf7ec8240465b0e4b043ca6bcc0cf66fe9
SHA256

956c35bb8d0b7a43826d2b27bcdf852a079a1af986ead73ddd81fc3632ab22b7
SHA512

b57d7f13167832b80e160f2d99b3aaaea34be4d336ada1fbb4e581b18a48d1ba9005ce35d33652c043aff8c93a10272560f0108909d7da182278f0d192e8bb09
SSDEEP

768:zlDIhaqnRWnG5fGuzhRKx7jTxVb/U1me8x8JeFvRGOe/hord950DAFQ:zlDMamRW3o/KxzxVb/MMx8Jxordf0DAK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aab6df5c6f07cbb12ffdcefa8c762efd_JaffaCakes118

Files

aab6df5c6f07cbb12ffdcefa8c762efd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f4ee624fc259ed1e006393027b985b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStdHandle
HeapAlloc
HeapCreate
HeapDestroy
HeapSize
LoadLibraryA
LoadResource
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
TlsGetValue
lstrcpynA
lstrlenA

msvcrt

fprintf
__p__commode
_cexit
_wcsicmp
_XcptFilter

user32

DeleteMenu
ReleaseDC
DefMDIChildProcA

oleaut32

VarBstrCat
SetErrorInfo
SafeArrayDestroy
OleLoadPicture
GetErrorInfo
VarBstrCmp

shlwapi

PathBuildRootA
PathFileExistsA
ChrCmpIA
PathFindOnPathA
PathGetCharTypeA
PathGetDriveNumberA
SHDeleteValueA
SHOpenRegStreamA
PathAppendA

Exports

Exports

GetSimpleTableDispenser

Sections

.text
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ