dc3defd9700e01b278a2143ede91d48f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc3defd9700e01b278a2143ede91d48f_JaffaCakes118
Size

147KB
MD5

dc3defd9700e01b278a2143ede91d48f
SHA1

078492d8bfd937a221e05789b4bb7d0d7f782a11
SHA256

5e964dc6aac29cc82ce4089f6265af91010aee9600b7045218e42e4576c37ffa
SHA512

4d8e44e778377b50b7fa90da557414b9c45eb29038f6869dadf6d631e516fefa088c0638883193716202e2ec7d2605e74e9e0ceedb78ea147d3dc1344be22f63
SSDEEP

3072:x1G5Wz6kqJivMIb+V8Pm0fSQVCGwBWltn9/YewAK9noY+FLTW:x1GAT+EMIyWuf8DyWltntYrxxorxT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc3defd9700e01b278a2143ede91d48f_JaffaCakes118

Files

dc3defd9700e01b278a2143ede91d48f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

24a0b87af31b2b8d4a769034e6805eff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
CreateFileA
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
ReadProcessMemory
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter

msvcrt

__p__commode
__set_app_type
_except_handler3
exit
srand
wcscat
__getmainargs

user32

IsIconic
ShowWindow
SystemParametersInfoA
TrackPopupMenuEx

winmm

mmioAdvance
mmioDescend
mmioRenameA
mmioSetBuffer
mmioSetInfo
timeGetTime
mixerGetID

Exports

Exports

PutBufferIntoStream
UninitializeStreaming

Sections

.text
Size: 96KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ