467d7874c0fef6dc0a5c28dc537c88ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

467d7874c0fef6dc0a5c28dc537c88ac_JaffaCakes118
Size

161KB
MD5

467d7874c0fef6dc0a5c28dc537c88ac
SHA1

6a25df3ad7c95ef9555e9fc5c180f4363998d09a
SHA256

e602ce20ba5ba1da30c3039190a3560e97ce33a002a6e2f229a0a5a697f05837
SHA512

69bbb9c15a72bd5aa2aabcf5cdd1875f4e7796f98db25f19493dc9e0e251ebd6272e41d484b958c5e5842f1ba62d4fe6f8520065f9ab1107c4411d20dae0bb18
SSDEEP

3072:qLxznxFym7G3XfjeUUnXJybl/D7F/Wq7J9SdAeieAL5yP+hzQ359DkQ1X:qLxzqm7krSJW75/WwvSdAwAL5yww59II

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
467d7874c0fef6dc0a5c28dc537c88ac_JaffaCakes118

Files

467d7874c0fef6dc0a5c28dc537c88ac_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b4e2cb9ff9934e0f1c3d68e53cffe5a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
DeleteCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetCurrentThreadId
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetTickCount
GetTimeFormatA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
LoadLibraryA
LocalFree
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsFree
TlsSetValue
lstrcmpiA

user32

OffsetRect
IsDialogMessageA
ReleaseCapture
EndPaint
RegisterClassExA
KillTimer
CreateIconIndirect

comdlg32

FindTextA
GetOpenFileNameA

Exports

Exports

Direct3D_HALCleanUp
W32N_MakePrivateRequest

Sections

.text
Size: 100KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ