fa585bef1d36d6f96d1cc659e9df72eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa585bef1d36d6f96d1cc659e9df72eb_JaffaCakes118
Size

181KB
MD5

fa585bef1d36d6f96d1cc659e9df72eb
SHA1

c13613c6d2852b1bac30d74146c3283dcd41f9a3
SHA256

1591d50c5aeb618afec8ab571ff4daca7f844a67c4b6448f6b8bb179ce081af4
SHA512

97bdee66b5d6103f24544e69c906b217ac189eef6ba5cf891055104d38527bd7adfc3e8aad54919fcb1db75c09f1e7a9a0f945e32f31399a187fa0e6f58a43fe
SSDEEP

3072:GpAtBL5iedXRl+nfe98wgiVV+taCy/b2dguTmSzW1gDiKQWOBtFBAi7tUrC:GpAtHVRl+29gUAt+gvFzWW/Qn7btUr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa585bef1d36d6f96d1cc659e9df72eb_JaffaCakes118

Files

fa585bef1d36d6f96d1cc659e9df72eb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6ee226049aea17026f93c14f76a6d07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindFirstFileA
GetACP
GetCommandLineA
GetFileAttributesA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
MapViewOfFile
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEnvironmentVariableA
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
lstrcpyA
lstrlenA

user32

IsZoomed
GetWindowThreadProcessId
GetKeyState
GetCursorPos

ole32

CoGetMalloc
CreateAntiMoniker
CoCreateGuid
CoCreateInstance

oleaut32

VarBstrCat
SysFreeString
SetErrorInfo
SafeArrayAllocData
ClearCustData

Exports

Exports

AFLock
EnumFlashSettingReset
EnumRelCamSettingReset

Sections

.text
Size: 112KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ