3ebc186a7b7fec4162baee0554757158_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ebc186a7b7fec4162baee0554757158_JaffaCakes118
Size

6KB
MD5

3ebc186a7b7fec4162baee0554757158
SHA1

0c6563d3dcf0b5f085b3011ac607f4117cc40cb4
SHA256

c2dba2f468df8d71535037b633980e55c3c76e7e3c71a081cda9f43ce4eddb0f
SHA512

02fd15bb4465a23e1eb73137bc928b6184106b9344e3e36a6300903722c4e394da0421e724660d2b1348f5a7cf3d1faa6be63348e54df8a574eb9b2cf95fabf5
SSDEEP

96:/XzXh8CqI6uU035PuyDK4KbZRnQW3QtqB5LNJ:/Th8LIl352yDFKvQW3QtET

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ebc186a7b7fec4162baee0554757158_JaffaCakes118

Files

3ebc186a7b7fec4162baee0554757158_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d52356e2c6f26fd5a60230451ab17d69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetTempPathA
CloseHandle
FreeLibrary
WriteFile
CreateFileA
lstrlenA
GetProcAddress
LoadLibraryA
HeapFree
GetLocalTime
GetTickCount
ReadFile
HeapAlloc
GetProcessHeap
SetFilePointer
DeleteFileA
CreateThread
GetLastError
CreateSemaphoreA
GetModuleFileNameA

user32

wsprintfA

shell32

ShellExecuteA

Exports

Exports

Set1
_DllMain@12

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 758B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ