0c4c0abb8cfc04d8d6720eca9442efe9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c4c0abb8cfc04d8d6720eca9442efe9_JaffaCakes118
Size

294KB
MD5

0c4c0abb8cfc04d8d6720eca9442efe9
SHA1

50f1cbc2343d130fa3824a193b0f5d9929b95920
SHA256

9659c17c5d6c8202edfc8edd61d28c312a85df7eff4fe81c8abe26eac32fa04f
SHA512

65b62aed5c755d87047c55cb3dfd0ecc50a26c29f86d9947100110555002a46e7b67e757b16d140fcfe16d2f9295d685ccd03c97dbf714e5cc161049ed54c7a7
SSDEEP

3072:VmZbSVsvdRQ+t5625/dCTYp78g3KOxchHXLLUYOAA4jZBdYgY2epfB04+onc:VmZas066OjAA4XdYgSpfB04+9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c4c0abb8cfc04d8d6720eca9442efe9_JaffaCakes118

Files

0c4c0abb8cfc04d8d6720eca9442efe9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd0c5e2173fde31d22cb05fc3c2a33dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
GetLastError
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ