cec4f61d1e72f82d6e6e81ec32dd1cec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cec4f61d1e72f82d6e6e81ec32dd1cec_JaffaCakes118
Size

142KB
MD5

cec4f61d1e72f82d6e6e81ec32dd1cec
SHA1

0914163bf2d8f0c151f6f16a0d130f9379b27d51
SHA256

18a8ff11b416a0dfacd15be9b8fa27cf81c015d9fc1c8a0e12f99560f3dcb79c
SHA512

b09c2766592dd2e110d6161923f0b6d5f710302c78901ec096e35c8c02dbf1fc9cc49aa21289422c7f72f0868cb7fb45f7003076c6dfc486f60796bd12ca78c2
SSDEEP

3072:hduHUA9MqWOi/V80/QcAlK5rDi8p+3TOASx9C10irBHBX3jqqJS9:+5WOiPQ/u2GjhxurBhnj/S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec4f61d1e72f82d6e6e81ec32dd1cec_JaffaCakes118

Files

cec4f61d1e72f82d6e6e81ec32dd1cec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e416fae7a0e1e946fca2efa3879dacc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringA
ExitProcess
FlushFileBuffers
GetACP
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
SetProcessWorkingSetSize
lstrlenA

msvcrt

wcslen
_except_handler3
free
isdigit
malloc
printf
strspn
wcscmp
_XcptFilter

user32

CreateDialogParamA
DeferWindowPos
DrawMenuBar
GetClientRect
IsWindowVisible
LoadIconA
ReleaseCapture
CloseClipboard
DispatchMessageA

oleaut32

OleIconToCursor
OleLoadPicture
OleTranslateColor
GetErrorInfo
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocDescriptor
VarBstrCat
SysReAllocString
SafeArrayDestroy
SafeArrayCreate

shlwapi

PathFileExistsA
PathGetCharTypeA
SHQueryInfoKeyA
SHSetValueA
StrStrA
SHEnumKeyExA
PathCombineA

Exports

Exports

GetEncryptionForAdapter

Sections

.text
Size: 73KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ