38d026269c0ec207691937da3fa4141f_JaffaCakes118 | Triage

Sharing

General

Target

38d026269c0ec207691937da3fa4141f_JaffaCakes118
Size

40KB
MD5

38d026269c0ec207691937da3fa4141f
SHA1

0dbbbf9891ec4e02e00576ebcfa6afabc587c80c
SHA256

e4df2aa5a836d57193a5fae233ca1319ac4118211d4067686be22384a2dc6fb5
SHA512

32352e1b423971d02ee54ea508889c22d96ffcd2c4105786cec06684f583215783154810a9e70c3c0b6d1a9ce6356fc61c0289a74ef0bc4e4b2d56c4b60cb35d
SSDEEP

768:BKWqn7G92BJLnbWVau24EzMYb2PCtL8Xlg06oiCNiCBCFrG9NE/4:8RpxiFPoMkCXlgQrYCBOrmE/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d026269c0ec207691937da3fa4141f_JaffaCakes118

Files

38d026269c0ec207691937da3fa4141f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbfe87eb0cb8d24d28f0b2166251f030

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
FindClose
FindResourceA
FreeEnvironmentStringsW
GetACP
GetCommandLineA
GetCurrentProcess
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeW
GetSystemDirectoryA
GetTickCount
GetTimeFormatA
GetVersion
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
WideCharToMultiByte

msvcrt

__getmainargs
__p__commode
__set_app_type
exit
free
rand
realloc
wcslen

user32

RedrawWindow
SetClassLongA
GetScrollInfo
GetMenuItemID
FindWindowExA
EnableMenuItem
DeleteMenu
GetDlgItem

ole32

CreateBindCtx
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
CoCreateInstance

Exports

Exports

CreateASUSessionWithURL
CreateCaretMEUED
Direct3DCreate
ExtTextOutComplex
GetUpdatesList
ISelectionBoundsRaw
SetLOD
UGetCurrentKBLidMEUED

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ