233e9a03b385a0c5a5c7ae58f0d1c299_JaffaCakes118 | Triage

Sharing

General

Target

233e9a03b385a0c5a5c7ae58f0d1c299_JaffaCakes118
Size

245KB
MD5

233e9a03b385a0c5a5c7ae58f0d1c299
SHA1

1c368fd4cb95f4bfc8092c5d67cfb95550ec5cbc
SHA256

d925c96bf5a1ce9c88e31303c8e3f49da3320e7cb91cda855d00d1aba66c7dd9
SHA512

85c05ebe0ad2bd474d93f5609dbf6fa1109114b7820520642c7185ac6c34118f65b170826a442a6a9120336dcc253fe9a0b3d82880bb94fb14c172b931f522e2
SSDEEP

1536:GANHXGT2c2HF0J1gZ7A/S/lmICxcwsGFVvxwwzoEjXIbL7WrSg5iwfV1xUrGk5Ty:bsEC1guIDUnF+7Wrn5VV1erGWTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
233e9a03b385a0c5a5c7ae58f0d1c299_JaffaCakes118

Files

233e9a03b385a0c5a5c7ae58f0d1c299_JaffaCakes118
.dll windows:5 windows x86 arch:x86

528497989e1f7986c669c046d032f38f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
GetProcAddress
GetSystemDirectoryA
GetFileTime
CloseHandle
WriteFile
SetFileTime
LoadLibraryA
CreateFileA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
InterlockedCompareExchange
Sleep
InterlockedExchange

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey

msvcr90

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
malloc
free
_adjust_fdiv
memcpy

Sections

.text
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ