f10072bc480fdaaa9ee842d26d0adfb0_JaffaCakes118 | Triage

Sharing

General

Target

f10072bc480fdaaa9ee842d26d0adfb0_JaffaCakes118
Size

49KB
MD5

f10072bc480fdaaa9ee842d26d0adfb0
SHA1

002495966f28f33ca478b87b8870ce86753560e4
SHA256

9428ac8a9816d6f3667e91c2ace6e6335e6eea41ef2ffbf2ebc81595652feed0
SHA512

bc6e4a9c055bbde9f72fa9e9bc4acfaf5e8bd88519dbf4185a181b9221f02311ef60a4b4425efd21cd25604341a6ee3f13c11c1fa8bc11c031a7a3db4271b87d
SSDEEP

1536:6ajuMrRIdrL0Em0rbGXSuz6wqs0Xq5vBS8iJWSFu7q:WMVSAD3jOXqRCJWau7q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f10072bc480fdaaa9ee842d26d0adfb0_JaffaCakes118

Files

f10072bc480fdaaa9ee842d26d0adfb0_JaffaCakes118
.dll windows:3 windows x86 arch:x86

44ce3e6420bc0f9d260c90fe9ea94c9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
HeapDestroy
WaitForMultipleObjects
ReadFile
HeapCreate
SetFilePointer
GetLocalTime
MapViewOfFileEx
UnmapViewOfFile
CreateFileA
lstrcmpiA
CreateThread
CreateEventA
WriteFileGather
ResumeThread
SetNamedPipeHandleState
GetFileTime
CreateFileMappingA
HeapFree
CreateNamedPipeA
HeapQueryInformation
SleepEx
VirtualQuery
HeapAlloc

irmox32r

ExtractIconA
wcspbrk
ImmWINNLSGetEnableStatus
towupper
iswctype
_wcslwr
ImmUnregisterWordA
wcsrchr
log
IsNetDrive
CtfImmIsCiceroEnabled
_wcsicmp
isdigit
ImmGetImeInfoEx
ImmLockIMCC
_vsnwprintf
_lfind
ILCreateFromPath
_allshr
DragQueryFile
DllInstall
strcat
_wtoi

Exports

Exports

CreateProcessNotify
dmretdde

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ