3a6c835312e7fb3b8a94be4d0118b6bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a6c835312e7fb3b8a94be4d0118b6bf_JaffaCakes118
Size

223KB
MD5

3a6c835312e7fb3b8a94be4d0118b6bf
SHA1

39b8e16654a703fd678031035d7f1d807c4aaa97
SHA256

305b985c5a7d9b961417e15c81051bd264c06f691fb4b8c3346e34968369c625
SHA512

8d1dc6a361a91109c623470902d9dac0f0aeafffa25726332fd08d513b2b4ea5b7dda9135a60fd4827bf38ff950a80ae8c07a581b4c762b070d1bca470947499
SSDEEP

3072:w6uW+hHCsbiVAJ4gVzWoJGlHOCUwRuX+/raPzVcOdpf42Q7ne7hK+MxDk4RSXe2G:EKAiSJZWycpDc5cMpfqDe72k4Rae2wa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a6c835312e7fb3b8a94be4d0118b6bf_JaffaCakes118

Files

3a6c835312e7fb3b8a94be4d0118b6bf_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6c94088ba42902338b5dddcbe6cf6b5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalMemoryStatus
LockResource
LoadResource
FindResourceA
FreeResource
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Exports

Exports

MW_GetValue
MW_MemSize
MW_SetOption
MW_UniESCP
MwEnd
MwInit
MwInit2
MwWrite
MwWrite2
_uMW_GetValue@16
_uMW_MemSize@36
_uMW_SetOption@12
_uMW_UniESCP@24
_uMwEnd@4
_uMwInit2@44
_uMwInit@40
_uMwWrite2@20
_uMwWrite@20

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ