d2ce12a0f82ec4a86fdd11bf57858ae6_JaffaCakes118 | Triage

Sharing

General

Target

d2ce12a0f82ec4a86fdd11bf57858ae6_JaffaCakes118
Size

169KB
MD5

d2ce12a0f82ec4a86fdd11bf57858ae6
SHA1

d48f37cfd5124518e74ca723d7aabeea23f4011d
SHA256

0ad0c664db75bcb489c4c2e49e05486e11b758299252870c6a42b3d35bff7a2c
SHA512

a591029d7243e34f46d1cff3730705d63b548fea20c472f69ba09aa78f59219ebf2597c80d95aa4306dc7389736c0b28bdd85cc8608e951b0e88d9edf4566947
SSDEEP

3072:Q8pLwr/4c4I/vLWhX6BUgvXai8vXvoEhLryou:O4cL/jWhoUWujL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2ce12a0f82ec4a86fdd11bf57858ae6_JaffaCakes118

Files

d2ce12a0f82ec4a86fdd11bf57858ae6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d5f9376155ee9e772097ccc5f3a92e60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
HeapAlloc
HeapCreate
HeapReAlloc
IsBadReadPtr
IsBadStringPtrA
MultiByteToWideChar
RtlUnwind
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
lstrcmpA

msvcrt

wcslen
fprintf
_exit

user32

GetWindow
ClientToScreen
KillTimer

oleaut32

OleLoadPicture
OleIconToCursor
SafeArrayCreate
OleLoadPicturePath

shlwapi

PathStripPathA

Exports

Exports

DrawTextExW_ME
InitializeStreaming

Sections

.text
Size: 102KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ