5a378c4b19e059f67357609d3be398a8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a378c4b19e059f67357609d3be398a8_JaffaCakes118
Size

25KB
MD5

5a378c4b19e059f67357609d3be398a8
SHA1

5b736c4cf66a39573ad554c3fd7cb7eb539f5a59
SHA256

cafc03bac13888f539aa3f167800c909cfcccd0e00c76a49f9f03f2797dd3ac0
SHA512

b9e4ecd7a2219c0f1024f83fce75784f033c884129b2d4403a97330ab0c7d1396efb38b1bffee007882cf3706b6209ac64b40511035823e4ccbb306749a6aeaf
SSDEEP

768:ko6VfBY2FjhIfZ4vtZmraEAeYQcE2wUVKcG:klf73udnP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a378c4b19e059f67357609d3be398a8_JaffaCakes118

Files

5a378c4b19e059f67357609d3be398a8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b5ea8e61b118548160d010d466cdb382

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindVolumeClose
SetUnhandledExceptionFilter
GetConsoleWindow
LeaveCriticalSection
RegisterConsoleIME
SystemTimeToFileTime
_lcreat
WaitForSingleObject
GetCommandLineA
ExitProcess
GetStartupInfoA
RegisterConsoleIME
GetQueuedCompletionStatus
QueryDosDeviceA
EraseTape
SetConsoleTitleA
GetConsoleCommandHistoryLengthA
GetConsoleAliasesLengthA
GlobalAddAtomA

Sections

ATSEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ATSEC1
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ATSEC2
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ