c83a062cbe9078f5252ff00f9491556f_JaffaCakes118 | Triage

Sharing

General

Target

c83a062cbe9078f5252ff00f9491556f_JaffaCakes118
Size

171KB
MD5

c83a062cbe9078f5252ff00f9491556f
SHA1

8d94a0fcf7d37c0955229cb58989e0b79d07ce93
SHA256

6256fc0471b99521fa8104d647161f86c84227138cda1d9d63c6981d8e796119
SHA512

c7d0fb3bd9f20615f0d65ba59137dfd5742d61679064c607a51df5165e948ad9d11bf9910f9b2264514785aa4f705b3dee4d8cbc7865ebbe13a2fa90f1dabcda
SSDEEP

3072:Tv9XLN3zoI6t9fSpvjjhDX9WGU8lainX6GIQ/s7BiRwEDF90:T1XBjoITZjjhj9Y8ckr/sNowSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c83a062cbe9078f5252ff00f9491556f_JaffaCakes118

Files

c83a062cbe9078f5252ff00f9491556f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d5f9376155ee9e772097ccc5f3a92e60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
HeapAlloc
HeapCreate
HeapReAlloc
IsBadReadPtr
IsBadStringPtrA
MultiByteToWideChar
RtlUnwind
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
lstrcmpA

msvcrt

wcslen
fprintf
_exit

user32

GetWindow
ClientToScreen
KillTimer

oleaut32

OleLoadPicture
OleIconToCursor
SafeArrayCreate
OleLoadPicturePath

shlwapi

PathStripPathA

Exports

Exports

SurfaceFlipNotify
VersionNumberUCScribe

Sections

.text
Size: 103KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ