3d58fb878ef3332858e47c74949643f2_JaffaCakes118 | Triage

Sharing

General

Target

3d58fb878ef3332858e47c74949643f2_JaffaCakes118
Size

161KB
MD5

3d58fb878ef3332858e47c74949643f2
SHA1

1fe42568459eb36b64fefc43288fcd56e684849c
SHA256

e9f0edcc2b7b87805e1b0c78f20c0b5c45b66078ddc4a5ec1f88c7da3a755923
SHA512

6f4b7408d6b19f5cfb5dd997f54bf13f992f04f4b988c7aa0c4e1f785360cf60f33c44a143923c0de440cc73adfccdbb91b2f6f9440a70fce5049babba11b033
SSDEEP

3072:5J/Jf8BqF97njSjXGfFT7BkTkNmrTbzsDZpGSd8WgB:3/JUBqFVnj8QukNMnzUGS9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d58fb878ef3332858e47c74949643f2_JaffaCakes118

Files

3d58fb878ef3332858e47c74949643f2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ce441b42122dfbebade98773352dbac3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetCommandLineW
GetEnvironmentVariableA
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetStartupInfoA
GetStringTypeA
GetSystemDirectoryA
GlobalAlloc
HeapAlloc
HeapCreate
HeapDestroy
HeapReAlloc
LocalFree
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrcatA
lstrcmpiA

user32

FindWindowA
GetWindow
DefWindowProcA
OffsetRect
ReleaseDC
ModifyMenuA
DrawIconEx
wsprintfA

comdlg32

PrintDlgExA

Exports

Exports

ExtTextOutWCP_ME
NxPlatformMismatch

Sections

.text
Size: 101KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ