29ea93930bb3b221132c37ad565e4fdc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29ea93930bb3b221132c37ad565e4fdc_JaffaCakes118
Size

100KB
MD5

29ea93930bb3b221132c37ad565e4fdc
SHA1

f2534f5bc03c1d650ce4e630807ad0a87a5b2619
SHA256

77b1b10a4f0cc34b1319b090faa09ac09e25c4ec9c34fa3909670df47c3bc6e1
SHA512

ba3d4183908a136233b8c1a9ac2a6d6f49e28f5f81ce2aa2ef6cefad77d92ccc91c10e1bebd9419ce1a9cd99507cf0716b780d0cd4336c761c536d5c58e02ebf
SSDEEP

1536:6Fe7Qwg1VL3nHNlL4vs3GhXLPjjKL1JSTamm:602PLXHLH3GJ7jwWT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ea93930bb3b221132c37ad565e4fdc_JaffaCakes118

Files

29ea93930bb3b221132c37ad565e4fdc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ec0f243b3988d6b04cb4554cb6aff7bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

fsvizuwfdosjn.r2e

Imports

kernel32

SetCurrentDirectoryW
LoadLibraryW
GetSystemDirectoryW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
lstrcpyW
lstrlenW
lstrcmpiW
lstrcatW
GetModuleFileNameW
LocalFree
HeapReAlloc
HeapAlloc
GetProcessHeap
HeapFree
InterlockedDecrement
InterlockedIncrement
GetVersionExW
GetModuleHandleW
LocalAlloc
GetProcAddress
GetComputerNameW
FindFirstFileW
FindClose
SetLastError
lstrcmpW
lstrcpynW
GetLastError
GetLogicalDrives
MoveFileA

Exports

Exports

bodygxq

Sections

.code_01
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ