27e697f7a2162f3edebadee320b9f6ee_JaffaCakes118 | Triage

Sharing

General

Target

27e697f7a2162f3edebadee320b9f6ee_JaffaCakes118
Size

14KB
MD5

27e697f7a2162f3edebadee320b9f6ee
SHA1

7f096e321aa8dcfbff5273f217462c1ae908baa4
SHA256

e397153820c1ad0a9582973985476e5e7d9c853664644015ba94e1b75efbb22d
SHA512

5099c4034b30e3d4fe256adbbdebeaf4ae0cf82f27338bbdb7ad085dca105a5790406fe0f003f3cbbaaa4a9c2b926db2c676ee7e7750fca24cfd0c6b18cda47d
SSDEEP

192:hnfx6Rejn6g78cN8XdC+1cMNUTh4X/jIIObESbbFOK5PhiaeIa3ek1x+aReysFti:Faeu9cN8BhqMOll55ChOkReysFa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e697f7a2162f3edebadee320b9f6ee_JaffaCakes118

Files

27e697f7a2162f3edebadee320b9f6ee_JaffaCakes118
.dll windows:4 windows x86 arch:x86

00987bc60e921cf2dbdc05adabc9b85b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
FormatMessageA
InterlockedExchange
lstrcpynW
FreeResource
HeapReAlloc
CancelWaitableTimer
HeapFree
lstrcpyW
GetEnvironmentStrings
InterlockedIncrement
CreateEventW
LocalLock
SetEnvironmentVariableW
EnterCriticalSection
LockResource
ExpandEnvironmentStringsA
LocalCompact
lstrlen
lstrcpyA
UnhandledExceptionFilter
GetModuleHandleW
FindResourceA
MultiByteToWideChar
SetEvent
WaitForSingleObject
LocalAlloc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ