d54182e40a7c31dcaba46ad132f00a2b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d54182e40a7c31dcaba46ad132f00a2b_JaffaCakes118
Size

129KB
MD5

d54182e40a7c31dcaba46ad132f00a2b
SHA1

d5d1ff340962403156b9aad27da9c696f77c588d
SHA256

c95ba03a09a63cfeed7b2e88d7ff986a90e496323014cca2bfa03981a50f2ace
SHA512

c8f1a3e567d2997f135b6209a7679c8c7274032525624169e8b0b65e297bc1c0f5465a07a8f1c72db11093946fd14f407df2950055961273da79d3fd5cbb3b07
SSDEEP

3072:9Kc8UEZoa3v7ScVC5Ep8l48XpW2DjxqBEv9tbHgF5ExH:9Kcw7v7pp8lbc2D799gC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d54182e40a7c31dcaba46ad132f00a2b_JaffaCakes118

Files

d54182e40a7c31dcaba46ad132f00a2b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b4135000664b15e4b2d6bd6ef37b70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
IsBadReadPtr
MapViewOfFile
SetErrorMode
HeapAlloc

msvcrt

rand
free
__set_app_type
_XcptFilter
wcscat
wcslen

user32

GetWindowDC
GetWindowThreadProcessId
DialogBoxParamA

oleaut32

VarBstrCat
SysStringLen
SysFreeString
SetErrorInfo
SafeArrayCreate
SafeArrayAllocDescriptor
SafeArrayAccessData
RegisterTypeLi
OleLoadPicture
OleIconToCursor
ClearCustData

shlwapi

StrStrIA
SHEnumKeyExA
PathFileExistsA
ChrCmpIA
PathBuildRootA

Exports

Exports

ReleaseSessionRef

Sections

.text
Size: 63KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ