279870e583a509406ac7e1727ad26f06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

279870e583a509406ac7e1727ad26f06_JaffaCakes118
Size

26KB
MD5

279870e583a509406ac7e1727ad26f06
SHA1

6159bb1ca7fdc1a4c41721280237aaf0a9ad29ee
SHA256

788f93eea4f7e9688dc249f6e0270dd757dc8040f9dec5ca8ded057327352338
SHA512

b4b299ff246a7ba05bbb98d7fd6ecb794e0eff6e71cc68f54e604a3b65fd86a14fa006c2886cdf8d9437ace4f74538656975fe6525320f282267adda0046c89d
SSDEEP

384:0xV4/wQOvQb0nJ8YpD2YstS3w7xpGT3P7lmQxRbhOerI+3vQtcmwp/nbt/43NW13:0xXfnCK2ZMA6Tf7lFtOK4tvwp/n9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279870e583a509406ac7e1727ad26f06_JaffaCakes118

Files

279870e583a509406ac7e1727ad26f06_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5cf00194318d898b3dd2486688d1faf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

NlsConvertIntegerToString
GetProcAddress
GetSystemDefaultLCID
GetConsoleAliasesW
lstrcpyW
GetNamedPipeHandleStateA
GetVersionExW
GetProcessWorkingSetSize
WriteConsoleInputVDMA
SetConsoleNumberOfCommandsW
GetConsoleAliasesLengthA
EnterCriticalSection
VirtualFreeEx
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

Xsaergwivo
OpenErfmfmic

Sections

.text
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.csvit
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE