ac06f060522aa33054ec49c7e6e626ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac06f060522aa33054ec49c7e6e626ce_JaffaCakes118
Size

146KB
MD5

ac06f060522aa33054ec49c7e6e626ce
SHA1

2760ab65cecd762b56f1b60b71d3cf9494b2e88e
SHA256

1d144aa52792819bd02572f9f7dcb287a6e754419889307da374600173e2ebe3
SHA512

121e9f1cf8b04172bdca1736e35def43098d982c4456f0f8a07cb060b06e53a88ef5b6f3b6591e0db6c75308cfe939d088d68fcd94eef95f5d80caac692783d4
SSDEEP

1536:r6bawvgjBuBZ0jiKHe9Nha2NLBLra68x26g2SA2RYdNrWGRkoET4NWlQjJiyNS/Y:rkzgjIBMHShxBhWvXNtRraQJS/S6CzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac06f060522aa33054ec49c7e6e626ce_JaffaCakes118

Files

ac06f060522aa33054ec49c7e6e626ce_JaffaCakes118
.dll windows:4 windows x86 arch:x86

361939927697fc29a0b95bed16b474aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
FindResourceA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetConsoleCP
GetDriveTypeA
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetTickCount
GetUserDefaultLCID
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
IsValidLocale
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEvent
SetLastError
SetUnhandledExceptionFilter
VirtualFree
lstrcmpA

msvcrt

__p__commode
__p__fmode
__set_app_type
_exit
exit
fwprintf
__getmainargs

user32

BeginDeferWindowPos
DefDlgProcA
DeferWindowPos
GetUpdateRgn
GetWindowPlacement
LoadIconA
RedrawWindow
SetFocus

winmm

sndPlaySoundA
timeEndPeriod
timeGetTime
waveOutGetNumDevs
mmioSetBuffer

Exports

Exports

ISelectionBoundsRaw

Sections

.text
Size: 94KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ