41542444b5121ca5e85bab8f08bbfd1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41542444b5121ca5e85bab8f08bbfd1e_JaffaCakes118
Size

178KB
MD5

41542444b5121ca5e85bab8f08bbfd1e
SHA1

1da93d43410ac8ecf278e9ba8c8148ef5c86c521
SHA256

f38d6621c59d69790b96d482c5b7c78fa52303121b199ef7967a35094cc4918d
SHA512

a352cb94d1f93692690728c3f09a8ad24ac68e6d4c2c7fd3a790c323383b121c58f3cfa20b09ed88d8cb708566e1f1d663deab0d89d576a3dc254bb5375a7e37
SSDEEP

3072:Zg4xu9h68M/mW6SbvdAyStgHZcdMEKMbcLeq0iCaVpR0h+kcEKc4rwy2p77i:Zg4Qq8JKey/cjKzLx0bqghuEb4/2h7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41542444b5121ca5e85bab8f08bbfd1e_JaffaCakes118

Files

41542444b5121ca5e85bab8f08bbfd1e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f57c0ba66bed4aaaa4a4e2d287e08a9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateProcessA
DuplicateHandle
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetEnvironmentVariableA
GetFileTime
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetThreadContext
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsGetValue
lstrcpynA
lstrlenA

user32

GetMenu
FrameRect
DeferWindowPos

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

oleaut32

OleLoadPicturePath
VarBstrCat
SetErrorInfo
SafeArrayDestroy
SafeArrayAllocDescriptor
SafeArrayAllocData
RevokeActiveObject
RegisterTypeLi

Exports

Exports

EnumDevicePropertyNext
UnregisterFatBinary

Sections

.text
Size: 109KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ