0af397f8ce6cc2977e67246e70168f97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0af397f8ce6cc2977e67246e70168f97_JaffaCakes118
Size

25KB
MD5

0af397f8ce6cc2977e67246e70168f97
SHA1

ffe8df73c74046885c20416d214d3cbc811d03ff
SHA256

a984b0f012f539bab3f9d9f80dac96f0cea54262ed0dbf6a7ce2f13ab54993da
SHA512

26eb248d69c5bc8e95667cb492cd3d28555129cf5b9df9aee1de60941d2fc76fc018aa4dd39b0f524ec09067d02008ceee49b5e8d89ef920a03c967863a8e7cd
SSDEEP

384:MphjBbmd+UMBSsq+x7UQyyamvhDMEWfZNOwVCoxMeH:Ewd+UMRq+yy5vhDCpVCq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af397f8ce6cc2977e67246e70168f97_JaffaCakes118

Files

0af397f8ce6cc2977e67246e70168f97_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b354a7e703a9b587f0e57e423b65eed0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTime
SetInformationJobObject
GetDiskFreeSpaceExA
FreeResource
GetUserDefaultUILanguage
GetDefaultCommConfigA
SetConsoleTitleA
RegisterWaitForSingleObject
UnmapViewOfFile
ClearCommBreak
CreateHardLinkA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ