213a85c95ecd37f58ec4bba02d6ba59e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

213a85c95ecd37f58ec4bba02d6ba59e_JaffaCakes118
Size

168KB
MD5

213a85c95ecd37f58ec4bba02d6ba59e
SHA1

4be6cbd0aa78f58a6e9030bbd513247a97d11b9e
SHA256

6d454da109a610d9c9c7a5e3a958a01fe8b0c3b0cccc8adff78fa2f7338e8aca
SHA512

01cea76f70beadf7fe24dd34086150413a50c74cc7baf5886988333cf2cd0a5d18a447087ab07ab31f81fede7fe8c2dfe9eaf875ca09ef2d3e73d2b0b7da8138
SSDEEP

3072:pIl24eKKTl1bfnsH3zOTOsuKT9x8vxTyfJD0bvMe:6TUvTnsH3ziOMTVfJKM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
213a85c95ecd37f58ec4bba02d6ba59e_JaffaCakes118

Files

213a85c95ecd37f58ec4bba02d6ba59e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

eefbc6ed894a6764171bf3fecbe86db7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetTimeZoneInformation
GetTickCount
CreatePipe
SetFileTime
GetFileAttributesA
WriteFile
GetModuleHandleA
VirtualFree
GetProcAddress
TlsGetValue
GetLastError
TlsFree
EnumSystemCodePagesA
DeleteFileA
GetModuleFileNameA
TlsSetValue
TlsAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ