3130121ddc88dd0626daf915aeff0fb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3130121ddc88dd0626daf915aeff0fb5_JaffaCakes118
Size

24KB
MD5

3130121ddc88dd0626daf915aeff0fb5
SHA1

81ba2db3a8d1a7fb564df816571bed4ddd9e505b
SHA256

cb2b907790fb0112a3e848ee566ac0efd3737a9594fcd79745863faf2c5d5f7e
SHA512

d1519a91bcfd28ea6dbda2485e254c6c90ceccb6bcb88d33ae4a6a8ed21a005e0c04a97e8eb6d880b6c1c410f19a818be12fcbe743736417997ae36c63459693
SSDEEP

384:X2SKZsV+VvT2YGhZKjfn6eIDKPXi+vG1IFyQ85L2noyy1FxI3:X28+EdhynLcuXi+UIFcL2noyY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3130121ddc88dd0626daf915aeff0fb5_JaffaCakes118

Files

3130121ddc88dd0626daf915aeff0fb5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e1c6ee34b16eca7135fd67e2d9d22737

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
FreeLibrary
Sleep
LoadLibraryA
GetTempPathA
WritePrivateProfileStringA
Beep
GetPrivateProfileStringA
GetVersionExA
GetCurrentProcess
WideCharToMultiByte
IsBadReadPtr
VirtualProtect
GetSystemTime
CloseHandle
CreateThread
GetCurrentProcessId
CreateSemaphoreA
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
GetModuleHandleA
GetTimeZoneInformation
GetProcAddress
lstrlenA
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
LCMapStringA
LCMapStringW
RtlUnwind

user32

wsprintfA
CharLowerBuffA

Exports

Exports

CC
CD
DllMain
HookWin32

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qrdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ