3751ace32ef2721f9143e04ef2018483_JaffaCakes118 | Triage

Sharing

General

Target

3751ace32ef2721f9143e04ef2018483_JaffaCakes118
Size

9KB
MD5

3751ace32ef2721f9143e04ef2018483
SHA1

f046c68e486676530136c27c8c49c6f44a69f774
SHA256

cb2d9c0cea7ad753c655d6a1867a0cb9da08dd86dd10b25688dc4fbe11cbf617
SHA512

125cbcaa4c10b6e7c21b180f1a376a74d0d3f95e930cfa2d09004151f7f3f3c62881fb58d3adf6ba93ffa70d83203e474dae0a349c9828c932e958d65feab163
SSDEEP

192:g7QTqOhrA/qp6N2wBFg6RuAignGmr+jOSg:gsTqOhrAE6NXM6Rd9K+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3751ace32ef2721f9143e04ef2018483_JaffaCakes118

Files

3751ace32ef2721f9143e04ef2018483_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2703a4545a19ca893a4bed3e6609bf0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
lstrcatA
CloseHandle
lstrcmpA
HeapAlloc
HeapFree
WaitForSingleObject
GetLogicalDrives
GetProcessHeap
GetDriveTypeA
Sleep
LeaveCriticalSection
FindFirstFileA
GetLogicalDriveStringsA
lstrcmpiA
EnterCriticalSection
GetTempFileNameA
FindClose
LoadLibraryA
FindNextFileA
GetModuleHandleA
CreateThread
lstrcpyA
IsProcessorFeaturePresent

user32

FindWindowA
CopyIcon
EnumWindows
LoadCursorA
GetWindowThreadProcessId

Exports

Exports

Exucute

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 985B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ