03f3345b70301a44fad0d6aa47886da9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03f3345b70301a44fad0d6aa47886da9_JaffaCakes118
Size

141KB
MD5

03f3345b70301a44fad0d6aa47886da9
SHA1

ad03b04cbc8b2b172d96bbec5ac96f108a560d2a
SHA256

db6def4017eb79196a002a3f64bd3d5c22c292dbc0b1d6ea164e5fccc92add1f
SHA512

fa09f7d8aa96ca903c826afd36bc9d1a9540b80216af021040f205734a93406c8a58a914be29e860598534d3d7e65d28558801db604bdad74cc71494a47a2b86
SSDEEP

3072:u3iZCk5kbSXAgHK5tT+dz53xRIndvxJtC0Y4iRi/1bkqRM8ObIYr3XfR02NAvNbd:u309zHMtydz53Ed0qkE14a+bIkplNcKn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f3345b70301a44fad0d6aa47886da9_JaffaCakes118

Files

03f3345b70301a44fad0d6aa47886da9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

087f532d755543ce8210846889738510

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DuplicateHandle
ExitProcess
FileTimeToSystemTime
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeZoneInformation
GlobalReAlloc
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
OpenProcess
RtlUnwind
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
WriteConsoleA

msvcrt

__p__commode
__set_app_type
_except_handler3
exit
strpbrk
wcscpy
__getmainargs

user32

IsZoomed
DeleteMenu
ChildWindowFromPoint
BeginPaint
CheckMenuRadioItem

ole32

CreateBindCtx
CoTaskMemAlloc
CoGetMalloc
CoCreateInstance

Exports

Exports

D3DMalloc
Direct3DCreateDevice

Sections

.text
Size: 92KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ