bcb767b3dd8769c14eeb15d44e3e8ee2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcb767b3dd8769c14eeb15d44e3e8ee2_JaffaCakes118
Size

24KB
MD5

bcb767b3dd8769c14eeb15d44e3e8ee2
SHA1

25c652e80a3d1892f6b351f6bcdd3e950b10af9c
SHA256

0eeffe2fa3c93f3ef62ec357b481d6caac0d3d190fb997ebea623dc5fd674f8c
SHA512

2a652d40030b91366fd3fdec8611bfb4643e8f41ac723e513b9e5a5b583c7cf1f11768d41d9379d43f953d748eecca0dd84406af9e03a704cb80e9b87d4a0968
SSDEEP

96:MP78rc9zp9HvjsedGNPUNAjtPq8y37QgavioyUuBdqaIZiMUjLepz5WY8FfH:M+cBvvjsedaPUctzyihSIZ8X+dWBf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcb767b3dd8769c14eeb15d44e3e8ee2_JaffaCakes118

Files

bcb767b3dd8769c14eeb15d44e3e8ee2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71306f7eea1cffe44ecde8ca7a9eb18f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord349
ord347
ord358
ord817
ord589
ord237
ord270
ord357
ord11
ord334
ord360
ord729
ord479
ord538
ord574
ord577
ord579
ord463
ord514
ord528
ord531
ord376
ord706
ord727
ord331

kernel32

GetVersionExW
GetLastError

avifil32

AVIFileInit
AVIStreamOpenFromFileA
AVIStreamReadFormat
AVIStreamInfoW
AVIStreamInfoA
AVIStreamLength
AVIStreamRead
AVIStreamRelease
AVIFileExit
AVIStreamOpenFromFileW

msvfw32

ICClose
ICSendMessage
ICDecompress
ICLocate

msvcrt

__CxxFrameHandler
_adjust_fdiv
malloc
??3@YAXPAX@Z
free
??2@YAPAXI@Z
calloc
_initterm

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ