3ba2849a6d3c693ae6de1bf8d482a352_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ba2849a6d3c693ae6de1bf8d482a352_JaffaCakes118
Size

40KB
MD5

3ba2849a6d3c693ae6de1bf8d482a352
SHA1

2c6de6c188a5580544b76ec8484f24e38bd5714a
SHA256

d2471b1aeea0f3db551f7eac0b20a7c57699a0d77dc82b9aafba6387dbce4bfa
SHA512

86930eb8d7b9edcebf569badebb001676511b366d5c2812de5bad3a0744c54d7aff051c7fdec8dfd7609bda46168d51605602f998447f682694a4afdc4a51a7b
SSDEEP

768:t1uSypCDa9mg2444Cx+8A5yHskY2DkkbQ0OXEzK17fTzuneh:7u59q4t8AAHIkbYEWdfTzueh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba2849a6d3c693ae6de1bf8d482a352_JaffaCakes118

Files

3ba2849a6d3c693ae6de1bf8d482a352_JaffaCakes118
.dll windows:4 windows x86 arch:x86

39743b874bad1c52894109aa848f1f70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
InterlockedExchange
IsValidCodePage
MultiByteToWideChar
OpenEventA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
WideCharToMultiByte

msvcrt

strspn
__getmainargs
__set_app_type
_except_handler3
exit
fprintf
__p__commode
strpbrk

user32

UnionRect
ModifyMenuA
KillTimer
EnableWindow
DialogBoxIndirectParamA

oleaut32

VarBstrCat
SafeArrayCreate
SafeArrayAccessData
RevokeActiveObject
RegisterTypeLi
OleTranslateColor
OleLoadPicturePath
OleIconToCursor
GetErrorInfo

Exports

Exports

DestroyEapcfgNode
GetUpdateCount

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ