0c69c434ff4b7d9b3a597e0ef679643c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c69c434ff4b7d9b3a597e0ef679643c_JaffaCakes118
Size

160KB
MD5

0c69c434ff4b7d9b3a597e0ef679643c
SHA1

4b66209512bb05b7ec4b8b00660b662505094f69
SHA256

b1f098e04f09758765335ec842a0184ab2b2586e6daefc8774269a69f03fb94f
SHA512

dbe3d3d3a1bae0e43942012553af4b218816d60fa9b0dc59506aa882aa393191a24e4216e95de17eabfa37df0f5b596056ac53b491f43522a7d285089a711263
SSDEEP

3072:k0QY8W26C4i+xB42H/I7UHPkU6pi2jZFzQZqZdOzERnk+5Ago:V8W29PgB4xY8biSZVQZIiEZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c69c434ff4b7d9b3a597e0ef679643c_JaffaCakes118

Files

0c69c434ff4b7d9b3a597e0ef679643c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7a76cf15d978af6fd026b001ae7a5861

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
DeleteCriticalSection
ExitProcess
FindResourceA
GetACP
GetCPInfo
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeZoneInformation
HeapAlloc
HeapCreate
LoadResource
LockResource
MulDiv
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
lstrcatA
lstrcpyA
lstrlenA

msvcrt

_exit
exit
printf
strspn
wcscpy
isdigit

user32

InvalidateRgn
PtInRect
ReleaseCapture
SetCapture
SetWindowLongA
GetSystemMetrics

oleaut32

SysStringLen
VarBstrCmp
SysReAllocString

shlwapi

SHOpenRegStreamA
SHDeleteValueA
SHDeleteKeyA
SHQueryInfoKeyA
PathGetDriveNumberA
PathFindOnPathA
PathCombineA
PathAppendA
SHSetValueA
SHDeleteEmptyKeyA
StrStrA

Exports

Exports

ComPlusMigrate
SurfaceFlipNotify
W32N_GetAdapterRegistryInfoBySubkey

Sections

.text
Size: 102KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ