b8181608f95a4bd52d560201bc62b92d_JaffaCakes118 | Triage

Sharing

General

Target

b8181608f95a4bd52d560201bc62b92d_JaffaCakes118
Size

155KB
MD5

b8181608f95a4bd52d560201bc62b92d
SHA1

e2dba099a04e70d20409de64900caae8d444eb31
SHA256

0797991b3ed2bca4c5f6d0916177c1adb4041988756523fb2fd6480c0886e22b
SHA512

5e0709f7f49a47f77978ff60f239a5b73367b0fd347261981fc2db1ffadcab7dbf7a3947ddc09f5e7d1865070ca27bf6689b3c6dd9a8d456c64a9c0a5a9d38f6
SSDEEP

3072:E81BisfaSGk7Wg34fBprYA/3jl77VRE1Fn/04BROLj:E81Zck7hoXrYU3jlFRE1Fs4H2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8181608f95a4bd52d560201bc62b92d_JaffaCakes118

Files

b8181608f95a4bd52d560201bc62b92d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dea91e8448f038f16c318ee96324ddd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetEnvironmentStringsA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetTickCount
HeapAlloc
HeapCreate
HeapSize
LeaveCriticalSection
ReadProcessMemory
TlsFree
lstrcatA
lstrcmpiA
lstrlenA

msvcrt

wcscpy
__p__commode
__set_app_type
exit
free
strspn
wcscat
wcscmp

user32

DestroyWindow
GetDesktopWindow
GetSubMenu
RemoveMenu
DeferWindowPos

oleaut32

ClearCustData
SafeArrayDestroy
OleIconToCursor

shlwapi

SHDeleteEmptyKeyA
PathFileExistsA
PathBuildRootA
SHOpenRegStreamA
SHSetValueA
PathGetCharTypeA
PathGetDriveNumberA
StrChrA

Exports

Exports

D3DBreakVBLock

Sections

.text
Size: 75KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ