b7b453481940d4951e711f8b3a9bcc82_JaffaCakes118 | Triage

Sharing

General

Target

b7b453481940d4951e711f8b3a9bcc82_JaffaCakes118
Size

10KB
MD5

b7b453481940d4951e711f8b3a9bcc82
SHA1

771d0a5b599e2501b502338906b66783f51761e5
SHA256

681f863b18b47f04972d94024bd2daf87924281672ed30ee5bca31b93d052403
SHA512

c9d1aeb0b3c38063c0c04cffab1f9465ce61951ddb0cf7aa27778e8572d38b2ea23df5d53df349ea04477153a3989a507170154a59d598bb753deb5cc512ab74
SSDEEP

192:R1Ro8zR7sKQmO2htTlH9lBiO6Qy/dUqkHY5Wa+sf4GzqiuioLxtHpWUbd6pwOWb5:3RdF9d/1OkHydzDoLxXR6eOWGxI7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7b453481940d4951e711f8b3a9bcc82_JaffaCakes118

Files

b7b453481940d4951e711f8b3a9bcc82_JaffaCakes118
.dll windows:5 windows x86 arch:x86

47545bf1e68853bb21c834f2e75fc127

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetupComm
GetFileSize
GlobalDeleteAtom
FindResourceW
SetConsoleTextAttribute
ReadConsoleA
SetMailslotInfo
GetPrivateProfileStringW
GetDateFormatA
GetPriorityClass
GetPrivateProfileIntA
GetVolumeInformationA
ReadProcessMemory
LeaveCriticalSection
HeapValidate
CreateProcessA
EnumSystemLocalesA
GetProcAddress
LoadLibraryA
LockResource
VirtualLock
FoldStringW
FindNextFileA
CreateIoCompletionPort
GetModuleHandleA
ContinueDebugEvent
GetProcessAffinityMask
WriteProfileStringW
DeleteCriticalSection
EndUpdateResourceA
FindAtomW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ