ae1d3714b8f3ae91cd50022cb22553a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae1d3714b8f3ae91cd50022cb22553a4_JaffaCakes118
Size

152KB
MD5

ae1d3714b8f3ae91cd50022cb22553a4
SHA1

63b402187357a746099cd4503c0841d2f606a391
SHA256

75c948660a3a80d9fe7a1d2a131f8d47be9999ab822e8dda74821f9ebb84b0f7
SHA512

deeefb8ca6278ab1ff45523720ea199114ae94258588107cbb4418e4e58ab33ebb75c70d3fada1c5999fbf002a3925b08ff81ffc74db4e0c8c5c245f235f51e4
SSDEEP

3072:XMQyihn7ZOw+HkTtC0rqiSJ7hH/RGxcTqiEo8o:XMQDn74w+H+CDJ7hHJLqPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae1d3714b8f3ae91cd50022cb22553a4_JaffaCakes118

Files

ae1d3714b8f3ae91cd50022cb22553a4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7965beef1ad678b76dbbced461f61e1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FatalAppExitA
FileTimeToSystemTime
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
lstrcmpiA
lstrlenA

msvcrt

setlocale
__p__commode
__p__fmode
_cexit
_except_handler3
wcscpy
wcscmp
wcscat
rand
isdigit
_exit

user32

ExitWindowsEx
MoveWindow
GetDoubleClickTime
CheckRadioButton

oleaut32

SafeArrayDestroy
OleTranslateColor
RegisterTypeLi
VarBstrCat
SysFreeString
SetErrorInfo
OleIconToCursor
SafeArrayAccessData
SafeArrayCreate

shlwapi

ChrCmpIA
SHEnumKeyExA
StrStrIA

Exports

Exports

CreateCaretMEUED

Sections

.text
Size: 73KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ