884c8ca200cd04e7a71d9fc4853e7d8f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

884c8ca200cd04e7a71d9fc4853e7d8f_JaffaCakes118
Size

156KB
MD5

884c8ca200cd04e7a71d9fc4853e7d8f
SHA1

7f8b323a846b5f9ea22cc86f271b4e8aa0fafe92
SHA256

ad9838026d7c19339f25d2cbdd17141a595c3ab8b23bbf989039e1bb19c209f4
SHA512

66329a7169245453ecd719d1730247bf008ca33009e0ed27066b126a14fccc8acd16547024d78c06cce9e9d1768efc4e7228109edfe730dacde40594067e00ce
SSDEEP

3072:WS0fvmkmuegVyU6hTn//fINcp/kH0pnTaIZDSqHO/U7/ItyIYvwjkSV1U5XxogHZ:WfagEUSaI+0RaIZDSl/UMtyI4WfV1CX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
884c8ca200cd04e7a71d9fc4853e7d8f_JaffaCakes118

Files

884c8ca200cd04e7a71d9fc4853e7d8f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0f2d1c2fa0b2fdd4f1c86fe6d45b481d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
ExitProcess
GetACP
GetConsoleMode
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
HeapAlloc
HeapCreate
UnmapViewOfFile
WriteConsoleW
lstrcmpiA

msvcrt

time
__p__commode
_cexit
_except_handler3
free
malloc
sscanf
setlocale

user32

EndPaint
EnumWindows
RedrawWindow
IsWindowVisible
DestroyIcon

oleaut32

OleIconToCursor
VarBstrCat
VarBstrCmp
OleLoadPicture

shlwapi

SHDeleteEmptyKeyA
SHDeleteValueA
StrSpnA
ChrCmpIA
PathFindOnPathA
StrStrIA

Exports

Exports

FlushD3DDevices
W32N_CloseAdapter

Sections

.text
Size: 73KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ