ce4c9d7ffd2357cf7ea0fd57d796abed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce4c9d7ffd2357cf7ea0fd57d796abed_JaffaCakes118
Size

40KB
MD5

ce4c9d7ffd2357cf7ea0fd57d796abed
SHA1

ab1db3e9b93f7ea947dac7dc4149c7489e8e2ce0
SHA256

d78acb74dc6aeee57afa25f70ee5ad7374713c0e5b70e46b2a7bb2fc5fa1cc05
SHA512

ab5159657aedaa8c74fb9727b1bb31e100763d0994e3330362120f4fc796a5d4cbb4d94619246c173dca079c67475c74744e58320fa038dc8023a480999b265c
SSDEEP

768:bRNdVpCuOImWNCR5TW5gZzAzubRtaYGb0A57HSBU:bReuOIVsRggFDrg7HSBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce4c9d7ffd2357cf7ea0fd57d796abed_JaffaCakes118

Files

ce4c9d7ffd2357cf7ea0fd57d796abed_JaffaCakes118
.dll windows:4 windows x86 arch:x86

56efc33c38c624762d3bcceb85bbdb62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
ExitProcess
FileTimeToLocalFileTime
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCommandLineA
GetCurrentThread
GetEnvironmentVariableA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetConsoleCtrlHandler
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualFree
WideCharToMultiByte
lstrcmpA
lstrcpyA

msvcrt

__p__commode
__set_app_type
exit
sscanf
strpbrk
swscanf
__getmainargs

user32

GetSystemMetrics
InflateRect
IsDialogMessageA
PostMessageA
PostQuitMessage
TrackPopupMenuEx
EmptyClipboard
CheckRadioButton
CheckMenuItem
EndDeferWindowPos

ole32

CreateAntiMoniker
CoFileTimeNow
CoCreateInstance

Exports

Exports

GetUpdateRTFLicense
InprocServer32FromString

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ