5c36699fe20514ca5fd7aa595962a845_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c36699fe20514ca5fd7aa595962a845_JaffaCakes118
Size

178KB
MD5

5c36699fe20514ca5fd7aa595962a845
SHA1

3d2988946f10ee2f4e8c68cb765ca0fbfc433939
SHA256

e57472ed726eabc7822f13a04c20c216806e85716d4ab94dd1c16223b985aff6
SHA512

405cb8561de05ee7525355d98f52218040d85a83d55251ec85bec53c1bf1dadf2c5d2868d37a85869bc365bd684f3d8a9c32baa84bc3d30b4e41f9f5877662d0
SSDEEP

3072:MHwyEf5HU76wFqVzIMbV4d8NQNZRzmId8J74mxSq5UiYJHLPZio29hRIRfct3Mv:MHwyYHWMbVYZRzmX74CerxiRWRfct3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c36699fe20514ca5fd7aa595962a845_JaffaCakes118

Files

5c36699fe20514ca5fd7aa595962a845_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a977732d1a9bdd71cd0dc523c1341ca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetEvent
ResetEvent
LoadLibraryA
GetProcAddress
WaitForSingleObject
GetLastError
CreateEventA
VirtualFree
VirtualAlloc

oleaut32

SysAllocStringByteLen
SysAllocString

msvcrt

memcmp
??1type_info@@UAE@XZ
free
__CxxFrameHandler
_CxxThrowException
memmove
malloc
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv

Exports

Exports

CreateObject
GetMethodProperty
GetNumberOfMethods

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ