deceddafd568acef25181097e2dbd512_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deceddafd568acef25181097e2dbd512_JaffaCakes118
Size

131KB
MD5

deceddafd568acef25181097e2dbd512
SHA1

7f8ac5db11581bdb133b0b64fb768f32e505fd55
SHA256

d154a096ebab9e36d1d184b573c492238483e3c46e155a2ab500dd793afffb5a
SHA512

8ade64b1bb99d1e87cc1a9438534fad33e2b9ef75b1e284eb06a91b84e3eaaa15e8df8da9d194c6a3c23c2ea09a8fef479d952fb0a9bbc837405d2157b1d437b
SSDEEP

3072:cN4NpNhs+4UhbePnxXEmrYjUrpqVr8LRgVHgNHiaM:VN5GPn36hVIL8HwHia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deceddafd568acef25181097e2dbd512_JaffaCakes118

Files

deceddafd568acef25181097e2dbd512_JaffaCakes118
.dll windows:4 windows x86 arch:x86

61e3d1c5e48c7f6eae92fcc308984356

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeEnvironmentStringsA
GetCPInfo
GetStringTypeW
GetTimeFormatA
HeapAlloc
HeapCreate
SetLastError
TerminateThread
lstrcmpA

msvcrt

time
__p__fmode
_cexit
_except_handler3
_exit
printf
strspn
swscanf
__p__commode

user32

EnumChildWindows
GetDlgCtrlID
KillTimer
LoadMenuA
RegisterWindowMessageA
SetClipboardData
DefWindowProcA
GetCursorPos

oleaut32

OleLoadPicturePath
RegisterTypeLi
RevokeActiveObject
OleLoadPicture
SafeArrayAllocDescriptor
SafeArrayDestroy
SysFreeString
VarBstrCat

shlwapi

PathFindOnPathA
SHDeleteEmptyKeyA
SHQueryInfoKeyA
StrChrA
StrSpnA
SHDeleteValueA
ChrCmpIA

Exports

Exports

ReleaseSessionRef

Sections

.text
Size: 66KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ