fade5243e0285113f3b892e4786a16db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fade5243e0285113f3b892e4786a16db_JaffaCakes118
Size

158KB
MD5

fade5243e0285113f3b892e4786a16db
SHA1

3aaa6987fd7d7bc4f5c13eee6d04bf368c01039b
SHA256

fed334cc4f9e4cdfd82a24d84c5e0f3b87757b38eac7df8ca95e4a5aa5afbf70
SHA512

9a9b8d4e04b8e0b13c5e79122f6e40ed3c8f2fc11817e3bbde792621266cefc0b54b5c199680ba864188e764e67c85b2d9cbd21595e0425ad3875ec6fe6e6812
SSDEEP

3072:UVFa/YtLh5WbwaNcf8AooN4ntgVuetWbk441xc6jFPMVFZk:yo/YeRrDoaqgegn6RPMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fade5243e0285113f3b892e4786a16db_JaffaCakes118

Files

fade5243e0285113f3b892e4786a16db_JaffaCakes118
.dll windows:4 windows x86 arch:x86

baaefdf31431fe69def30fc0d5e9feea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateProcessA
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCommandLineA
GetConsoleMode
GetFileType
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetProcessAffinityMask
GetStartupInfoA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedExchange
IsDebuggerPresent
MulDiv
MultiByteToWideChar
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsSetValue
VirtualFree
lstrcatA
lstrlenW

user32

GetWindow
IntersectRect
LoadImageA
GetUpdateRgn
UpdateWindow
WindowFromPoint
GetMenuCheckMarkDimensions
RegisterWindowMessageA
CheckRadioButton

comdlg32

GetOpenFileNameA
PrintDlgExA

Exports

Exports

ComPlusMigrate

Sections

.text
Size: 97KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ