cf5a7cde15322982f7867d7335a1592f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf5a7cde15322982f7867d7335a1592f_JaffaCakes118
Size

174KB
MD5

cf5a7cde15322982f7867d7335a1592f
SHA1

3804721db6850e6a3c5bb602b246a7aca14b43cb
SHA256

454992c16e084994385c7f8ddbe1ac3da901aa39868bdc17b10860d4d689a2d9
SHA512

f3341fd5ab68935e1cd7039469af3b6161e2d43cb7b9e1f4fd42a65ab07441efaacc272770cdf5b17db3fb4fca29f253e5157f5e98bb87617c437b0cbce800bc
SSDEEP

3072:EcPqlyU8z4/kvNUvKopuvsyGzxkN6PLTIrP2Daws/jhZW0hS:BPql9n/k2hTi6O2DSjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf5a7cde15322982f7867d7335a1592f_JaffaCakes118

Files

cf5a7cde15322982f7867d7335a1592f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b38bc33e45046e02f62a4847a0d8cfe7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
IsValidLocale
LocalFree
MultiByteToWideChar
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrcatA
lstrcpynA

user32

EnableWindow
SetClassLongA
DrawFrameControl
GetWindow
GetSystemMetrics
ClientToScreen

comdlg32

GetSaveFileNameW
dwOKSubclass

Exports

Exports

MIDL_user_free
PaletteUpdateNotify
ReadEapcfgList
SetupOpen
TextOutW_ME
UninitializeStreaming
W32N_GetFirstAdapterRegistryInfo

Sections

.text
Size: 106KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ