af131badf1d8f1ca85f762612a87c05c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af131badf1d8f1ca85f762612a87c05c_JaffaCakes118
Size

211KB
MD5

af131badf1d8f1ca85f762612a87c05c
SHA1

137501d5d40cbfa0a2d55aace77390328ae584e1
SHA256

219e6a6c9b0a1f16fe36bffc07423362fa1432be0b0a17d54548480c33db35c9
SHA512

732ddf47bcaaa37fd0b84a3a39941a7568eece4557aff122c08d000937232f4ebe69252f0e1ac0cebd0894b60745a8cf4bc63610c09f61299d42b242b90750ba
SSDEEP

3072:oBjAnwFJf4VFE40Ixa6Lj8EJrzqJ1Gd6CfG+yycemGRHMMr8wgJiEvwrMVjSMIc8:NfE40Ixasj811A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af131badf1d8f1ca85f762612a87c05c_JaffaCakes118

Files

af131badf1d8f1ca85f762612a87c05c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01ebd8d8be2d6500dbd6c5d9b859d36b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetLocaleInfoW

user32

DestroyMenu
GetSubMenu
LoadMenuA
TrackPopupMenu

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC

comdlg32

ChooseColorA
GetSaveFileNameA

shell32

Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA
SHGetFileInfoA
ExtractIconExA
SHGetDesktopFolder

oleaut32

GetActiveObject
GetErrorInfo
VariantInit
VariantClear
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
SysReAllocStringLen
SysAllocStringLen
SafeArrayUnaccessData

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

DeAiiCyKy

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ