ed0c25acdf3aedc8fc6de28839fab34d_JaffaCakes118 | Triage

Sharing

General

Target

ed0c25acdf3aedc8fc6de28839fab34d_JaffaCakes118
Size

14KB
MD5

ed0c25acdf3aedc8fc6de28839fab34d
SHA1

428b0fcdb59ca12ea8de78518288e5325e772f1b
SHA256

eaf7d42611824736062b510e0f8b782b363ca64e3af43f6861a670c67f8cf3dd
SHA512

f869b5f50e422070d4c4825a34a060142a69fb1d49fb6727dcbe9a4e5e5d893aaa0a84704b870796aa996cfa364dbd41abf36514085288a9d3094b9985365f7e
SSDEEP

192:WUzW9KT7z6p0s4vZOzvrHgUQ+DLQ173m+Y1bXady9wD1+pDy1+nccYLzHca:RSKz9spvL3Um+wbXa8941+p+1+nclHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed0c25acdf3aedc8fc6de28839fab34d_JaffaCakes118

Files

ed0c25acdf3aedc8fc6de28839fab34d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9ff59d1dc92c38c5b9eb45cca75073d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
WaitForSingleObject
GetLastError
CreateEventA
SetProcessShutdownParameters

user32

PeekMessageA

msvcrt

_strlwr
free
malloc
strlen
memcpy
strncpy
sprintf
memcmp
_except_handler3
strcmp
_initterm
_adjust_fdiv

Exports

Exports

M

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 783B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ