bd566fb901196268332c4406be9b2b9e_JaffaCakes118 | Triage

Sharing

General

Target

bd566fb901196268332c4406be9b2b9e_JaffaCakes118
Size

162KB
MD5

bd566fb901196268332c4406be9b2b9e
SHA1

a3e92364f515dcbc48b221624f2b328c79785244
SHA256

20bf7bcac73ec5580ac0711ccc3426a6f6dabdac8a057a3f4bad7c9b16d9f58f
SHA512

913b6e0ad8c1431cc2a98be8924b7b8d8690fd6fe2dc71ba78768cf11f8459c1c2e37c9d1f37d40c4470c8c2deb70ebbe10f539d37ea2ca6ee82168bc832f8ff
SSDEEP

3072:BS0Icr3De+xPMsiV6rKnk1mVmG4Cy+ijhtH/KBI5frRSN:ld7De+JMVV6rnm3fmH/n59S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd566fb901196268332c4406be9b2b9e_JaffaCakes118

Files

bd566fb901196268332c4406be9b2b9e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

40bf3ae15ba2f75d32ba672a3f7cc610

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetEnvironmentStringsW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
PulseEvent
RtlUnwind
SetConsoleCtrlHandler
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
lstrcatA

msvcrt

wcslen
_XcptFilter
__p__commode
__set_app_type
exit
free
setlocale
__getmainargs

user32

SetCapture
TranslateAcceleratorA
GetWindowRect
GetSubMenu
GetMenuCheckMarkDimensions
CreatePopupMenu
CheckMenuItem
BeginPaint
SetWindowPos

oleaut32

SafeArrayDestroy
SafeArrayAllocData
SafeArrayAccessData
RegisterTypeLi
OleLoadPicture
OleIconToCursor

Exports

Exports

C_GetFunctionList
Direct3DCreate

Sections

.text
Size: 85KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ