152b44ed2a68b0c1b58ad914a9b83432_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

152b44ed2a68b0c1b58ad914a9b83432_JaffaCakes118
Size

196KB
MD5

152b44ed2a68b0c1b58ad914a9b83432
SHA1

30890e235d3b06a1384ca1466b9d397203f9ce3f
SHA256

e63cfbc4f1f41d5bcb0abf9f66170aeacb55d12854d16aa2c752d8c34ae4cfe7
SHA512

2a2ed09d413a1476961b30cd77fb381457b8e44152c2f19f1913b1d725dd10856aa7e04e339c64d00dd612cb40ac588d5a1e1db33fc05102526c464479a6d2cc
SSDEEP

3072:jphN7nmm/yyBgkQBw0Lll3TUDEmtThb6h49D9sJookeBjfz6lomo:pLmm/yyBbQGC3ThmtTjD9aXT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
152b44ed2a68b0c1b58ad914a9b83432_JaffaCakes118

Files

152b44ed2a68b0c1b58ad914a9b83432_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1766eca964510f90da0879016160242b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetFileTime
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetStartupInfoA
GetVersionExA
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
ReadFile
RtlUnwind
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
lstrlenA

user32

SendMessageTimeoutA
FindWindowExA
ExitWindowsEx
DefMDIChildProcA
DefDlgProcA

ole32

StringFromGUID2
CoCreateGuid
CoCreateInstance
CoGetMalloc
CreateAntiMoniker

advapi32

QueryUsersOnEncryptedFile
EncryptFileW
ConvertAccessToSecurityDescriptorA

Exports

Exports

MemcpyToArrayAsync

Sections

.text
Size: 130KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ