0c13c610a27176f26435cd99cd3a4139_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c13c610a27176f26435cd99cd3a4139_JaffaCakes118
Size

141KB
MD5

0c13c610a27176f26435cd99cd3a4139
SHA1

736f9f7451cc2b65e55626b9ba6061cab612fc78
SHA256

ac47d39da4b92089a811a3026ba1127defdb8136bd644e9297643f1a6522d95a
SHA512

39a36822d2a01f96706f87cc62d65a5c22ba152792d73ed6422e14b13ecf405b6dd3701536416ad1ce9ed08895cb1e943f2eaeb81ef1f94ce9adbbcf14f3fcf9
SSDEEP

3072:AhYUTogsZXyc6VOBUX+M8LrrSDOhx8aNQYqQ:4YUTo/ZiuBBM8hx8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c13c610a27176f26435cd99cd3a4139_JaffaCakes118

Files

0c13c610a27176f26435cd99cd3a4139_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e23f15c9403413699f5c1a9c2dc7af0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetUserDefaultLCID
GlobalLock
HeapAlloc
HeapCreate
IsBadReadPtr
MulDiv
SearchPathA
SetPriorityClass
SetThreadAffinityMask
SetUnhandledExceptionFilter
lstrcatA

msvcrt

_stricmp
time

user32

AppendMenuA
DefDlgProcA
ExitWindowsEx

oleaut32

OleIconToCursor
VarBstrCmp
SysFreeString
SetErrorInfo
SafeArrayAllocDescriptor
SafeArrayAllocData
RegisterTypeLi
ClearCustData

shlwapi

SHDeleteEmptyKeyA
SHEnumKeyExA
SHOpenRegStreamA
StrRStrIA
StrStrIA
PathCombineA

Exports

Exports

Direct3D_HALCleanUp
HrGetFontFallback
SelectionBoundsMEUED

Sections

.text
Size: 72KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ