37a08703f37f34d5629a3cbbfe65ab62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37a08703f37f34d5629a3cbbfe65ab62_JaffaCakes118
Size

157KB
MD5

37a08703f37f34d5629a3cbbfe65ab62
SHA1

94845f1b853b17579a24927d735e15e76ee84ff5
SHA256

8347b402aeb5e0c0efff164dc0117a46380291d6c348a48a581f2a2d189f12b8
SHA512

621cc5d6db426a4bf6c6ca1b212f3c08eb4f996327a7eb6b8cc8b914e77946a0dd92737b8454dce7329aecb7d2961d7d45a011e49dc70b299d48453afa87b46c
SSDEEP

3072:WbH9aNBLSGkxszYyiI+oA1Bx6hio0EHn5IaqBWuEMaAELcGsDdvlrvhchQ:xSH6zYE+oA1BxI5oQzsfvQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a08703f37f34d5629a3cbbfe65ab62_JaffaCakes118

Files

37a08703f37f34d5629a3cbbfe65ab62_JaffaCakes118
.dll windows:4 windows x86 arch:x86

faa291165177e98f7e191a5126cd9c8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FindFirstFileA
GetACP
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
SetStdHandle
SizeofResource
lstrcatA
lstrcmpiA

msvcrt

vswprintf
__set_app_type
_cexit
strpbrk
wcscmp
_XcptFilter
strspn

user32

MapWindowPoints
SetWindowPlacement
GetClassNameA
GetUpdateRgn

oleaut32

SafeArrayDestroy
SafeArrayCreate
SafeArrayAllocDescriptor
SysReAllocString
RevokeActiveObject
OleTranslateColor
ClearCustData
SysStringLen
VarBstrCat
VarBstrCmp

shlwapi

PathGetCharTypeA
PathGetDriveNumberA
SHDeleteKeyA
SHEnumKeyExA
StrStrA
StrStrIA
StrToIntA
StrSpnA

Exports

Exports

Direct3D_HALCleanUp
HrGetFontFallback
SelectionBoundsMEUED

Sections

.text
Size: 74KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ