3a20b8c7dd972d8e412cd5b1c7aa0180_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a20b8c7dd972d8e412cd5b1c7aa0180_JaffaCakes118
Size

72KB
MD5

3a20b8c7dd972d8e412cd5b1c7aa0180
SHA1

8bd364303045c110b5642088735bfba56fa0ee20
SHA256

19c74358f7f8701a7f26ea2a2736743c3d9a41b472e1f24f3cd64c60c12b2c8d
SHA512

6dc78b8bf738ea1049496798172d1ae635631c073e20a2f82cbe79b72dd0bdbe5c63520482e7341c37eefc0a72acc9b61fe8e1b59ede91e432e6a72f91d53df0
SSDEEP

1536:l/JIsHxjt3twYgAyzauxI3TDl+kz1NzBXCU3wv5Cv4tboZcnNiz:l/5ZtvrOauxMl+kzTJRwRCvsNi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a20b8c7dd972d8e412cd5b1c7aa0180_JaffaCakes118

Files

3a20b8c7dd972d8e412cd5b1c7aa0180_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f4136608020d806017aaaf9d0313f9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetCommandLineW
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
LCMapStringA
LeaveCriticalSection
MultiByteToWideChar
OutputDebugStringA
RtlUnwind
SearchPathA
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
VirtualFree

user32

ScrollWindowEx
RedrawWindow
GetDlgItemTextA
ClientToScreen

ole32

CoTaskMemAlloc
CoFileTimeNow
CoBuildVersion
CoCreateInstance

advapi32

LsaLookupPrivilegeDisplayName
LookupAccountNameA

olepro32

OleLoadPicture
OleTranslateColor
OleCreatePictureIndirect
OleCreateFontIndirect

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ