5e2f2c0682f3d47f31c1c4de9b97df6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e2f2c0682f3d47f31c1c4de9b97df6f_JaffaCakes118
Size

85KB
MD5

5e2f2c0682f3d47f31c1c4de9b97df6f
SHA1

0197e23babbb4c28510ceb79366cddec32f9d676
SHA256

1d4f6f52452f9f5f03858cfaa3557b0122372865e58a5ad2eba08b7fe7adbad7
SHA512

eac1b188f72fc8ef912b577fa5199e18de01e2196b2cbaf692f13fe1e13181093e2b586aca260efc2ecc0ff0a0fa3ab6d642b9da202e8cd76e23e72bd99223f1
SSDEEP

768:V1/JOjEfeBJ3d6AEFJ1x7XM6uOfG5xB1UZLZ0CdoFUw63j8wYBU2WJsb2A:Vy4feZsF3x46uO1ZLZ0CdoTwYKPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2f2c0682f3d47f31c1c4de9b97df6f_JaffaCakes118

Files

5e2f2c0682f3d47f31c1c4de9b97df6f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4337a5c15a92fbf3bdf01348f2b563ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

menacirinum.pdb

Imports

kernel32

TerminateProcess
GetCurrentProcessId
GetTickCount
UnhandledExceptionFilter
CreateRemoteThread
GetModuleHandleA
GetModuleHandleW
CloseHandle
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLastError
GetCurrentThreadId
OpenProcess
Sleep
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcess

advapi32

AdjustTokenPrivileges
OpenProcessToken
IsValidSid

Exports

Exports

yvkcott

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ