fc568fb177cb7d65624b41b9eafd6e48_JaffaCakes118 | Triage

Sharing

General

Target

fc568fb177cb7d65624b41b9eafd6e48_JaffaCakes118
Size

143KB
MD5

fc568fb177cb7d65624b41b9eafd6e48
SHA1

87054596481d655ff0ed91c879617414e81dfa58
SHA256

9122d347453fd2389b6058bc6b5c90fcdfef2bff1f6d086604c65badcbe6f7fb
SHA512

33011884c49fe39ae35140a536750f21c301d90dd0b2d967ca0a4e626fdaca5a14a516fe4478a61d6350d0f9d8e984534c9df76c858b673eb03e2e05160abbe6
SSDEEP

3072:boR99jzHP7tX1Yg3Co5Uvy3c/0cqH4tywpU7m:b4BJl95fM/WH4tm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc568fb177cb7d65624b41b9eafd6e48_JaffaCakes118

Files

fc568fb177cb7d65624b41b9eafd6e48_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f8fbcc15043db68afbdb9002945390d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
InterlockedDecrement
OpenProcess

msvcrt

_wcsicmp
isdigit
malloc
rand
vswprintf
wcscmp
wcslen
free

user32

EmptyClipboard
BeginDeferWindowPos
ReleaseCapture
InflateRect
GetWindowTextA
GetMessageA
GetMenuItemCount
GetDlgItem
CreateIconIndirect
GetClassNameA
DestroyIcon

oleaut32

OleLoadPicture
OleIconToCursor
OleLoadPicturePath
OleTranslateColor
VarBstrCat
SafeArrayAllocDescriptor
SafeArrayAccessData

shlwapi

SHEnumKeyExA
StrChrA
SHOpenRegStreamA
SHDeleteEmptyKeyA

Exports

Exports

bpf_filter

Sections

.text
Size: 74KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ