0cce8d60a42d6febf60a866fb43de692_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cce8d60a42d6febf60a866fb43de692_JaffaCakes118
Size

61KB
MD5

0cce8d60a42d6febf60a866fb43de692
SHA1

1c19409808931103f0bb4ff5a5534634b89aa3b0
SHA256

d29a9d64bda48f0c3062ed434805560a71c2578a9c44f9f90ccbf2b7525502fb
SHA512

b90d3f9f10d930120888019d506e904e4489cf5d73881df96d2068d2d8ae0a3bc0b9c00c302e1e2c75eb6d68b3b0ca21c5326e0ab7cd970d107fa357f410b786
SSDEEP

1536:Pib0Mb4NmwqdcfQojGcUEeSkA29nw+h+rv5ok4zLK/:vMUNpq6fQojGcUEeSkA29w+hUv5okP/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cce8d60a42d6febf60a866fb43de692_JaffaCakes118

Files

0cce8d60a42d6febf60a866fb43de692_JaffaCakes118
.dll windows:4 windows x86 arch:x86

af5538cebfccd6b1e78c1904e23cdb1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateProcessA
DeviceIoControl
ExitProcess
FormatMessageA
GetACP
GetCommandLineA
GetEnvironmentStringsW
GetExitCodeThread
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
RtlUnwind
SearchPathA
SetConsoleCtrlHandler
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
TerminateProcess
lstrlenA

user32

SetWindowLongA
SetTimer
RegisterClassA
GetKeyState
EndDeferWindowPos
EmptyClipboard
DispatchMessageA
DefFrameProcA

ole32

StringFromGUID2
CLSIDFromString
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
SafeArrayAllocDescriptor
SafeArrayAllocData
RevokeActiveObject
OleLoadPicture
GetErrorInfo

Sections

.text
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ