f6f0372403a6369d9c098f486412f2e3_JaffaCakes118 | Triage

Sharing

General

Target

f6f0372403a6369d9c098f486412f2e3_JaffaCakes118
Size

12KB
MD5

f6f0372403a6369d9c098f486412f2e3
SHA1

d86c3cf9c1940900e41dda493ba8c6620ac4d9bc
SHA256

416d4ed5dc68b0b65889e88ce09eebcef5d1627a9df107f408612f5d4f725607
SHA512

db7c4ddf26e55063d09bfd11c33db24078c7a5acaf5786876053cbfe726a9b8ad55e67226c6b9ba29d5fda2986f7fb52aefb6ca6fd4203626f07a25df65f8ae0
SSDEEP

192:n1xj1G1LQ+bYw7NKmw7yvB+TKU4NpumqDN22D/jVjqcHxHbHHwxARx:1xjYLQVLOJ2mymP2bjVjLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6f0372403a6369d9c098f486412f2e3_JaffaCakes118

Files

f6f0372403a6369d9c098f486412f2e3_JaffaCakes118
.dll windows:1 windows x86 arch:x86

3a486a0cf0d11b56e49d85c12beae42c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteConsoleA
WritePrivateProfileStringA
VirtualAllocEx
WriteFile
lstrcmpA
WriteProcessMemory
CloseHandle
CreateDirectoryA
GetDriveTypeA
GetEnvironmentVariableA
CreateProcessA
CreateRemoteThread
CreateThread
CreateToolhelp32Snapshot
ExitThread
FindClose
FindFirstFileA
FindNextFileA
GetLocalTime
CreateFileA
CreateMutexA
GetLogicalDrives
GetModuleHandleA
GetPrivateProfileStringA
GetSystemDirectoryA
OpenProcess
Process32First
Process32Next
SetErrorMode
SetFileAttributesA
Sleep
VirtualAlloc
VirtualFree
WaitForSingleObject

ole32

CoInitialize
CoCreateInstance

advapi32

RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegEnumValueA

oleaut32

SysFreeString

wininet

InternetGetConnectedState

Sections

CODE
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE