a97947ae1e5403298f8789618135a6be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a97947ae1e5403298f8789618135a6be_JaffaCakes118
Size

153KB
MD5

a97947ae1e5403298f8789618135a6be
SHA1

c0d8b4f08632b8ede8d0e064c974d950a207e0b7
SHA256

cd2fb23604d47f0094157f4587e0310da17560b6045373da78bc68a91e66d84f
SHA512

b9ca3c99d1a1db7cbb666b254ba25f2ccc79e323394b8e7280535fb40d6c93520880cecf3fa5da2831fcca1ff6f59ff8299e1958c6bbb80cc3ea2791aeb1161a
SSDEEP

3072:VAnk0xikbAZlKuR5R6/a0m9YTlFC5gewirmARC0/Y86nsNdupmn0gL7TJLD1:arcvOuV6/GCJF4wiJCM0W0CF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a97947ae1e5403298f8789618135a6be_JaffaCakes118

Files

a97947ae1e5403298f8789618135a6be_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0f2d1c2fa0b2fdd4f1c86fe6d45b481d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
ExitProcess
GetACP
GetConsoleMode
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
HeapAlloc
HeapCreate
UnmapViewOfFile
WriteConsoleW
lstrcmpiA

msvcrt

time
__p__commode
_cexit
_except_handler3
free
malloc
sscanf
setlocale

user32

EndPaint
EnumWindows
RedrawWindow
IsWindowVisible
DestroyIcon

oleaut32

OleIconToCursor
VarBstrCat
VarBstrCmp
OleLoadPicture

shlwapi

SHDeleteEmptyKeyA
SHDeleteValueA
StrSpnA
ChrCmpIA
PathFindOnPathA
StrStrIA

Exports

Exports

FlushD3DDevices
W32N_CloseAdapter

Sections

.text
Size: 74KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ