b350e8cebcc25d2fdffb2ff6749fead3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b350e8cebcc25d2fdffb2ff6749fead3_JaffaCakes118
Size

166KB
MD5

b350e8cebcc25d2fdffb2ff6749fead3
SHA1

1d106f5d8441ec4b5da33baf79682cec0c905ac9
SHA256

40ea71092b0357cebe10781cebdb5ed0550fafe18fbd44fc3d5c9a1d28e6b945
SHA512

6a3031249321c6e0cd6614a641a8325c9f36f8d36c20af9fd24a6c376479a99011f1c177d6399b641513af39e6af0fb771b11474690841890d2be50439accfa1
SSDEEP

3072:BTMGveXkM7Ocr4vQHSIYMbPSzFe6D1wZk49nYtlesGD+HO:BTMGvekkOGKwMzdZwZk49wImHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b350e8cebcc25d2fdffb2ff6749fead3_JaffaCakes118

Files

b350e8cebcc25d2fdffb2ff6749fead3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bdcc93ff7127447493a8b307a5d45050

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
FreeLibrary
GetProcAddress
EnumDateFormatsExW
LoadLibraryA
WideCharToMultiByte
Sleep
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalAlloc
GlobalFree

oleaut32

VARIANT_UserFree
CreateErrorInfo
VarUI1FromUI2
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 110KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ