0fb023f6f61c81dd574053b557701428_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fb023f6f61c81dd574053b557701428_JaffaCakes118
Size

140KB
MD5

0fb023f6f61c81dd574053b557701428
SHA1

417390e66df3887876ce2e68956e7d52467e96f9
SHA256

8598d797393bad12e5b530c02def8229666a13e132e304cef97b6df90e09b6fc
SHA512

b71c92db01a1bf15558209c0f028e0d2f534fe52606b701b7e5e5a8a915942aca689bf26caf2772dd2b5688c1828bb2e530010e960ad058162236a017a244416
SSDEEP

3072:fULcLjz5H7fKCVffl0DU7tVJ5lxSYoO86BRjrFa+kYY:cKz5bSRYvJPxSf6BBRa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb023f6f61c81dd574053b557701428_JaffaCakes118

Files

0fb023f6f61c81dd574053b557701428_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4c6b921cf0f45307e91ba712dc523a42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetTimeZoneInformation
GetTickCount
CreatePipe
SetFileTime
GetFileAttributesA
WriteFile
GetModuleHandleA
GetProcAddress
VirtualFree
TlsGetValue
GetLastError
TlsFree
EnumSystemCodePagesA
DeleteFileA
GetModuleFileNameA
TlsSetValue
TlsAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ