c1ca5bfe142f21095288206c315fe4dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1ca5bfe142f21095288206c315fe4dd_JaffaCakes118
Size

40KB
MD5

c1ca5bfe142f21095288206c315fe4dd
SHA1

fd329ccc4dbb980c5aaf8d2f49edeefcb0f17a2f
SHA256

674056b3b908eec71e777c03770eef0c27f46aef42db183ca04281f0bba43fd4
SHA512

9f9d06e8d9e6f44c73c176ced8b118abff6affff5b4318e742f00e061ab4e0f80f146ba511b155ffe02ce73a8fe04f53f6d851bc38bee7f6afcc3dc6b65a073a
SSDEEP

768:IN5HfN7M7u0/NiqjlKB/7rJLIJHh7dHWMyna5ms:IDN460/Niqjla/nVA78xa5ms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1ca5bfe142f21095288206c315fe4dd_JaffaCakes118

Files

c1ca5bfe142f21095288206c315fe4dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0234660f8f02c580036549c26e62af72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
GetLocaleInfoA
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
SearchPathA
SetHandleCount
SetPriorityClass
TlsFree

msvcrt

sscanf
__set_app_type
_except_handler3
_exit
exit
fprintf
wcscpy
vswprintf
__p__fmode
realloc
isdigit

user32

GetWindowRect
LoadIconA
PeekMessageA
SetWindowPos
DefWindowProcA
GetWindowLongA

oleaut32

OleLoadPicturePath
RevokeActiveObject
SafeArrayAllocData
SetErrorInfo
OleIconToCursor
SysFreeString
VarBstrCat

shlwapi

PathAppendA
PathCombineA
PathFindOnPathA
PathGetCharTypeA
SHEnumKeyExA
SHQueryInfoKeyA
SHSetValueA
StrStrA
SHDeleteEmptyKeyA

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ