3b056fecb9d99c1f66983ec3792258a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b056fecb9d99c1f66983ec3792258a0_JaffaCakes118
Size

116KB
MD5

3b056fecb9d99c1f66983ec3792258a0
SHA1

f0e71a37d0f390712bb07d38e90357a32eaca810
SHA256

38cec55370b89e4bd9320209ec4669ed4cc95d984c974e8ec9538a04214676ba
SHA512

2c0d7092da84ae41eb3af50717f5e3214b2b406330a6f21f2016e4afb71b12e7b14d074cbd01fff82118f90835a176276508d4e12f4fe5cb0b4849e4b3d9ecfb
SSDEEP

1536:jMrtqdp9wxUEosmTIfK/4e86Lz+wlH43vfoRrEqbuQfaCqvqGHciXU:4AoxVosNKL86mgY3vwJEqbFqvqGHciX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b056fecb9d99c1f66983ec3792258a0_JaffaCakes118

Files

3b056fecb9d99c1f66983ec3792258a0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

52b8c75b5f966883e3c8d0a1cbf8160b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

exit
rand
wcsncmp
sprintf
wcspbrk
fclose
_adjust_fdiv
malloc
_initterm
free
wcscat
memset

ole32

OleLoadFromStream
CoTaskMemFree
CreateBindCtx
CLSIDFromString
CoCreateInstance

kernel32

GetConsoleScreenBufferInfo
WaitForMultipleObjects
CreateFileW
ReleaseMutex
GetVersionExW
FlushInstructionCache
EnterCriticalSection
CreateMutexW
SizeofResource
GetModuleFileNameA
ReleaseSemaphore
RemoveVectoredExceptionHandler
GetLastError
VirtualAlloc
lstrcmpA

user32

DefWindowProcW
SetWindowPos
GetAltTabInfoA
GetDesktopWindow
CreateDialogParamW
IsDlgButtonChecked

Exports

Exports

GWaMFFKop
KreUf

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ