bc9937c63239dcbe5cf35112dee0c3fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc9937c63239dcbe5cf35112dee0c3fc_JaffaCakes118
Size

141KB
MD5

bc9937c63239dcbe5cf35112dee0c3fc
SHA1

49966cf0c9f645acb76ba5ba1b8713d66b4342d1
SHA256

e1bf07bc02bc57feb7f5aeb6c4ad06f572897a91ade17ec63175e37c0068d34a
SHA512

31ab2f142496ac4c9f3e7a9139f33ae6192d6867e8110e9a4bc0c27d83de6029ba0511a32a56945d83ed64b690030f87025ac2f52bfefa72f49d0ef01265e3d4
SSDEEP

3072:xs5ev6/TCvHpGeYQIZUOVBWOGuWK3lCVy3Kp6BLIWOUTSyDnVINtl3IBBK:xs5s6/TnepIP3WOGuDX3s6pIETSyLVAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc9937c63239dcbe5cf35112dee0c3fc_JaffaCakes118

Files

bc9937c63239dcbe5cf35112dee0c3fc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0f2d1c2fa0b2fdd4f1c86fe6d45b481d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
ExitProcess
GetACP
GetConsoleMode
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
HeapAlloc
HeapCreate
UnmapViewOfFile
WriteConsoleW
lstrcmpiA

msvcrt

time
__p__commode
_cexit
_except_handler3
free
malloc
sscanf
setlocale

user32

EndPaint
EnumWindows
RedrawWindow
IsWindowVisible
DestroyIcon

oleaut32

OleIconToCursor
VarBstrCat
VarBstrCmp
OleLoadPicture

shlwapi

SHDeleteEmptyKeyA
SHDeleteValueA
StrSpnA
ChrCmpIA
PathFindOnPathA
StrStrIA

Exports

Exports

Direct3D_HALCleanUp
HrGetFontFallback
SelectionBoundsMEUED

Sections

.text
Size: 73KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ