f72a12abe8bb8666cb67bb81cad4b06f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f72a12abe8bb8666cb67bb81cad4b06f_JaffaCakes118
Size

131KB
MD5

f72a12abe8bb8666cb67bb81cad4b06f
SHA1

17c8d66a72ce2278d9c158597a803bccacd680d2
SHA256

6d2d5e9a4109886fd97bf640237c547593c2d96eca52111f079c71e23befa456
SHA512

c73296c10472b7bbd74ca4d0cf4bed0bace7e0cdefe336ff333ee01ab885c3b9875aabd50c9e5e16fadcc7f95a508fb08ac52e068f3196d9abd878c62fc8cef4
SSDEEP

1536:ODtwETH5n4Ac4XjRULRM/2B3NFXcM04iNzXvuwU6bnFvVPPxpmG62MEj4p6YSZwG:m43nhkzU6XmG680oHwHsiTSgSX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72a12abe8bb8666cb67bb81cad4b06f_JaffaCakes118

Files

f72a12abe8bb8666cb67bb81cad4b06f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

edaae85dc738f79ed53f475545186c03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapCreate
IsValidCodePage
OpenProcess
lstrlenA
ExitProcess

msvcrt

__p__fmode
setlocale
vswprintf
fwprintf

user32

SetFocus
MapWindowPoints
DrawMenuBar
DefFrameProcA
DefDlgProcA
GetWindowPlacement
GetSysColorBrush
GetPropA
ExitWindowsEx
GetMenuItemID
GetClientRect

oleaut32

ClearCustData
GetErrorInfo
SysStringLen

shlwapi

PathGetCharTypeA
PathGetDriveNumberA
SHEnumKeyExA
SHQueryInfoKeyA
PathFileExistsA

Exports

Exports

CLSIDFromStringByBitness
GetPriority

Sections

.text
Size: 65KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ