d68237a07e8defc128f9c9ad806537a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d68237a07e8defc128f9c9ad806537a1_JaffaCakes118
Size

179KB
MD5

d68237a07e8defc128f9c9ad806537a1
SHA1

91524282de094f72661d9b9cc0845eaeba58b94b
SHA256

7d2b7b8161d99e31f05b82b65e71193cdde552d7b666c51d9aee184a6703a653
SHA512

329dd7813c00729a5a0d02cdb72eafa323ad8739cbffd39fa2cfb3f61de8d751f616c26d9c5e6b1c46a37bb0a2ad200dde5f45fef338b5ed00648e362d35658a
SSDEEP

3072:o/b0dpvx9s+LUQxQukxA5a6u4Z3xUei5Ne90IRY0mENhb:o/bw7sypxKa53Z32jz0Y0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d68237a07e8defc128f9c9ad806537a1_JaffaCakes118

Files

d68237a07e8defc128f9c9ad806537a1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

44ef70bcf81931e4d85f1dac56992825

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
FindClose
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetTimeFormatA
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
IsBadReadPtr
MultiByteToWideChar
OpenProcess
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TerminateThread
lstrcmpA

user32

ScrollWindowEx
PostMessageA
GetWindowLongA
GetDoubleClickTime
TrackPopupMenu
SetCapture
DeferWindowPos

oleaut32

RegisterTypeLi
OleTranslateColor
OleLoadPicturePath
SafeArrayAllocData

Exports

Exports

AudioGUIConfigureItem
GraphicsGLRegisterBuffer
ReadDevParamFromRAW

Sections

.text
Size: 109KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ