b065a77c8753119726fc4ae93b07e060_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b065a77c8753119726fc4ae93b07e060_JaffaCakes118
Size

151KB
MD5

b065a77c8753119726fc4ae93b07e060
SHA1

c0cb717ffc2e05724dd539ec5755dc37686d1e51
SHA256

9567b0494e3e01fb3402d77bc2861608b6dadd177debbee1873c7da2cf2f0d30
SHA512

6ebe7425f333a8ba81c25cdb448c2840b4d9adbe2fa44890663417063eeaa884f5678fd8f060ffccae24f70161109137e4620882f2a980d85d32aa93bbd05798
SSDEEP

3072:RnRlvivLaTXb//BXCxzIePKM1eRb409qc0zt:RRVlmLr4RbGlzt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b065a77c8753119726fc4ae93b07e060_JaffaCakes118

Files

b065a77c8753119726fc4ae93b07e060_JaffaCakes118
.dll windows:4 windows x86 arch:x86

44dbb63847183a3f7c379297d8d7ddf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetModuleHandleW
FindClose
FindNextFileA
GetStringTypeW
FindFirstFileA
EnumResourceLanguagesA
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 99KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ