bcdf9678f1f88fec998d8252420c8992_JaffaCakes118 | Triage

Sharing

General

Target

bcdf9678f1f88fec998d8252420c8992_JaffaCakes118
Size

179KB
MD5

bcdf9678f1f88fec998d8252420c8992
SHA1

4f0f532b0f5e8e47ca8065fe01ba0c7b37517b58
SHA256

c9684bcfc8d53ca678c56424e79aa18c2d76032309349e78c563cc103b82b7d7
SHA512

cb2eb4c360288a406a726f758bb25a20a804245132ba50934b34eadef9b9dae6e991712cb109a3a4a390fc307752aa516ceb265e182a316fff005b5d23aa7d2c
SSDEEP

3072:xkS2gJl2CYqlx1cJkU3UuNSK5j0qdZGR8sauLGQumvVEff5YuYQ2eJmsHHWf8oyg:iSp77D1cJ/EuwKNdMRldLGQfvVifihQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcdf9678f1f88fec998d8252420c8992_JaffaCakes118

Files

bcdf9678f1f88fec998d8252420c8992_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3eaaf277a78ad676e4d907885cd68d70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
DuplicateHandle
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
lstrcmpA

user32

WindowFromPoint
SetClassLongA
FrameRect
DrawTextA

ole32

CLSIDFromString
CoBuildVersion
CoCreateInstance
CoGetMalloc

oleaut32

VarBstrCmp
RegisterTypeLi
OleLoadPicture
GetErrorInfo

Exports

Exports

GetCDRWErasingTime
SetDesiredUDFPartitionType

Sections

.text
Size: 110KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ