e020709e7fe45605db8a3aae41550bb0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e020709e7fe45605db8a3aae41550bb0_JaffaCakes118
Size

21KB
MD5

e020709e7fe45605db8a3aae41550bb0
SHA1

84ba1e02541a5f20ff385f6371e36b2820cfd1ae
SHA256

66adf8763c0db10dff65ec889a56d3704613e99a05b9eb289be00a0816f6de75
SHA512

7bb5af6294a0f11cd3a4139662c0ae9618159b75084d3f539e7164bc1d1ab4f53bfc6843c2d60c685c091f6406bdfff171e6fa6fb36a733c733cd6ebc93c3400
SSDEEP

384:WnM7lcYp4bkzLuF+1guuCFWKH620CbasJMY:WM7+YibkzLuFWuuWKa2J+Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e020709e7fe45605db8a3aae41550bb0_JaffaCakes118

Files

e020709e7fe45605db8a3aae41550bb0_JaffaCakes118
.dll windows:6 windows x86 arch:x86

edd84f28ec44dba57d6b89bf8a60ef37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathUnquoteSpacesW
SHRegQueryInfoUSKeyA
PathStripPathA
PathBuildRootA

kernel32

EnumSystemCodePagesW
GetProcessHeap
HeapAlloc

pdh

PdhSetCounterScaleFactor
PdhParseInstanceNameW
PdhBrowseCountersW
PdhMakeCounterPathW
PdhGetRawCounterArrayA
PdhIsRealTimeQuery

mpr

WNetGetConnectionW
WNetEnumResourceW
WNetAddConnectionA

mscms

SetColorProfileElementReference
CheckColors

setupapi

SetupSetDirectoryIdExA
SetupDiGetClassDescriptionA
SetupDiOpenDeviceInterfaceRegKey
SetupDiClassGuidsFromNameExW
SetupQueueRenameSectionW
SetupDiSelectOEMDrv
SetupDiGetHwProfileListExW

msvcrt

_adjust_fdiv
malloc
_initterm
free
memset
memcpy

Exports

Exports

afyvkgxh

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ