5d756f70dd15002ea88ef6f22738d0e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d756f70dd15002ea88ef6f22738d0e9_JaffaCakes118
Size

19KB
MD5

5d756f70dd15002ea88ef6f22738d0e9
SHA1

a081dbdae6ab70d4aeb8e250b4965d23d00add9d
SHA256

2cf3aa64b7589d5593e635c53123247d8760fdb38c72ff8cc1e3f46c971c97f7
SHA512

521c97569ad0ed8560125a78715a5c86e548c93e594d5deb87e722f5f97feb7b1420e054dfcb9ad69f9eb2b9cccb8d1e8cc1cc7362948d79cc65f596addf8ee5
SSDEEP

192:0iAGbrB4iORs2BckQ16/npaMMYwSZYJ8kCBe:Dt4i0s2BckQnM3rZYJ8kie

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d756f70dd15002ea88ef6f22738d0e9_JaffaCakes118

Files

5d756f70dd15002ea88ef6f22738d0e9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

343bf8a1a8c799c04687c3821e6a731d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CreateThread
DisableThreadLibraryCalls
ExitThread
FindAtomA
GetAtomNameA
GetModuleHandleA
IsBadReadPtr
IsBadWritePtr
Sleep

msvcrt

_sleep
__dllonexit
_errno
_iob
abort
fflush
fprintf
free
malloc

user32

GetAsyncKeyState
MessageBoxA

winmm

PlaySoundA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 224B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ