c1ccad0afdbda89e8c8117faf5a8c164_JaffaCakes118 | Triage

Sharing

General

Target

c1ccad0afdbda89e8c8117faf5a8c164_JaffaCakes118
Size

153KB
MD5

c1ccad0afdbda89e8c8117faf5a8c164
SHA1

bdc00048d3445274f7a29c26ecdce534f1c419c0
SHA256

468386e4c61b727ac3ebcf92f7cb304fec322934194db3ae644067424b12d271
SHA512

dbf4571825ba0b4d3c525ad31207e2099c7415a3a1b5e223f4886a4775a5e66e3ccb34438227b2f4f297331139acd1a8edf94a2e1afda801588184287ae606a9
SSDEEP

3072:jX+6WJBuWbP3NejXJdyie421TpnWMX1bBa9:L+6WfHbPcX44+p53

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1ccad0afdbda89e8c8117faf5a8c164_JaffaCakes118

Files

c1ccad0afdbda89e8c8117faf5a8c164_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f8fbcc15043db68afbdb9002945390d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
InterlockedDecrement
OpenProcess

msvcrt

_wcsicmp
isdigit
malloc
rand
vswprintf
wcscmp
wcslen
free

user32

EmptyClipboard
BeginDeferWindowPos
ReleaseCapture
InflateRect
GetWindowTextA
GetMessageA
GetMenuItemCount
GetDlgItem
CreateIconIndirect
GetClassNameA
DestroyIcon

oleaut32

OleLoadPicture
OleIconToCursor
OleLoadPicturePath
OleTranslateColor
VarBstrCat
SafeArrayAllocDescriptor
SafeArrayAccessData

shlwapi

SHEnumKeyExA
StrChrA
SHOpenRegStreamA
SHDeleteEmptyKeyA

Exports

Exports

W32N_OSGetPlatformVersion

Sections

.text
Size: 73KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ