62b96d180c9469bfa21e3128fa730550_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62b96d180c9469bfa21e3128fa730550_JaffaCakes118
Size

96KB
MD5

62b96d180c9469bfa21e3128fa730550
SHA1

08dd85e13f7940571d3be62dea049b9a27a07939
SHA256

97cd430131a1e517d55d8e63da112313aeb6c66447a09f780d4c5aa4d2a0fea3
SHA512

033e995133add606c6bf3f6cceccdcb805faa217ea2f165985593ccd647c827ad142d849e2b7cdc1b924ab5bbadf1df96fa4594c117f12371cf950e148d54036
SSDEEP

1536:sLoaOvua2Qf+Q7iHhlWVmvzTpolLYED8ct/c4JI2JPN0u1:sLoL2a2M7iHhlamvst/c4FZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62b96d180c9469bfa21e3128fa730550_JaffaCakes118

Files

62b96d180c9469bfa21e3128fa730550_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2f9eff751ce6c1481a06f535f1279d5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

vsprintf
strncpy
strrchr
_stricmp
sprintf
strtol
strchr
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
realloc
free
_vsnprintf
_ftol
_initterm
_adjust_fdiv
__dllonexit
_onexit
malloc
_ftime
_strcmpi

ole32

CoCreateGuid

kernel32

DisableThreadLibraryCalls
GetTickCount

Exports

Exports

RMACreateInstance

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE