f72dc46af90e1c90298f78b85972f0d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f72dc46af90e1c90298f78b85972f0d7_JaffaCakes118
Size

100KB
MD5

f72dc46af90e1c90298f78b85972f0d7
SHA1

b5a2dde9c9edee59f7a7214a5272d07510424162
SHA256

1a4fad08f22f2c433c2d86dbd6ead37312d1ef039528dcf96d37738edf4e5f2d
SHA512

89e62e859cf84ed96fe901d052aec3a5957e9e6206799078e5b1506f50b685ceba63e895c448d0bdb5cffd5eed03701a055f9c1d1bfd361e479abdba8bfcd181
SSDEEP

1536:/hPlVP5ocAGxxmWV89V5lnUDTzl7xKgT+Ncl4TYWrMRPqt8z4rbSzmNq:5NZucAOFVK5ufzlhTgcOcWrM4aiq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72dc46af90e1c90298f78b85972f0d7_JaffaCakes118

Files

f72dc46af90e1c90298f78b85972f0d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fbbe0d35be8e479c375eceed2c385a81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ProcessIdToSessionId
FlushInstructionCache
GetCommandLineA
RtlUnwind
GetLocalTime
GlobalLock
GetConsoleScreenBufferInfo
ConnectNamedPipe
SetConsoleDisplayMode
lstrlen
lstrcpy
GetDateFormatA
NlsGetCacheUpdateCount
SetNamedPipeHandleState
GetUserDefaultLangID
GetSystemPowerStatus
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ