455bdb8e09601d20c689b9908ab6a796_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

455bdb8e09601d20c689b9908ab6a796_JaffaCakes118
Size

88KB
MD5

455bdb8e09601d20c689b9908ab6a796
SHA1

13f4b7625636c61313a462af4024e2d36278da5e
SHA256

bb4594ca9e2c6a253fc9f806e57ddd159b2f4b1d6b1a99625623d87c1d7b125b
SHA512

be795a240b1b744b7f0d6c9bf644ec27ccdc126d0ef8e7824cb91840bbea4c0425a2ad3779fe2bec20effe9c9607d6be99a6366b866d35f492fe89bfb45777bf
SSDEEP

1536:IETvBqvkvHVWLVRvPZ5honL3LTokC8MO17pkg5k2JlNegMA:IETvBqvkvHVWLVRvBInL3YJ8MoyD23N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
455bdb8e09601d20c689b9908ab6a796_JaffaCakes118

Files

455bdb8e09601d20c689b9908ab6a796_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b2b27b0b09c7ede2c94467f088863ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
HeapCompact
GetStdHandle
GlobalReAlloc
OpenSemaphoreA
GetStartupInfoA
GetCurrentConsoleFont
ReadProcessMemory
SetTimeZoneInformation
OpenMutexA
GlobalFree
LockFileEx
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.at2sec0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.at2sec1
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.at2sec2
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.at2sec3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ