4497cca5c1df1c58a5ce7a68ce412174_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4497cca5c1df1c58a5ce7a68ce412174_JaffaCakes118
Size

130KB
MD5

4497cca5c1df1c58a5ce7a68ce412174
SHA1

96223325c489cf259e9839a8c164355b55b64a5e
SHA256

cde779a21df2719099da99a449fd938a1ebdd0dd810e2352ff0ffdfd15d603f0
SHA512

292683b55fb4e85155d98eca1af0bcebffae014a42ccec38e765def944854877eb80df9d15fb031bf35ad2be8e34f4b9fe59da200564666862de56747a44e0fc
SSDEEP

3072:c6ZTuq4FCdvfNQo+e3NXZrIga6A3by6VAsVFTpBS:c69gCdvfNQ5e3NXPC3XA4Tr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4497cca5c1df1c58a5ce7a68ce412174_JaffaCakes118

Files

4497cca5c1df1c58a5ce7a68ce412174_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f3bc2b6c97a4b4bcc111e4fc6bdd37b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapCreate
IsBadReadPtr
RaiseException
ReadProcessMemory
CreateFileMappingA

msvcrt

_exit
free
malloc
realloc
wcscmp
_wcsicmp

user32

BeginPaint
GetMessageA
GetUpdateRgn
PeekMessageA
SendMessageTimeoutA
TrackPopupMenu
CheckMenuItem
DestroyWindow
SetCursor

oleaut32

RevokeActiveObject
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroy
SysReAllocString
RegisterTypeLi

shlwapi

PathCombineA
PathBuildRootA
PathAppendA
PathFileExistsA
SHDeleteValueA
SHQueryInfoKeyA
StrSpnA
StrStrA
StrToIntA
SHDeleteKeyA

Sections

.text
Size: 64KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ