69ff94438439f82231f0f037cb380914_JaffaCakes118 | Triage

Sharing

General

Target

69ff94438439f82231f0f037cb380914_JaffaCakes118
Size

79KB
MD5

69ff94438439f82231f0f037cb380914
SHA1

c156231bd5997c705eff463c194aaa3e2de4f891
SHA256

b8a99d5c3f4d7c7120301ff60f8d5e19765d8b6a126214c3bc3b5519b1bb1576
SHA512

18c3c25d8cf23997471ce15fa269a5b158db20408f89082b4673955daeb60745f84e08963e3f8db7008eacf76f179b27cb1b157fb0d485c26b46b8f10a7f97c8
SSDEEP

1536:BloY9TCmaFMdf0MAcqP6ag4wQyajxxV6oq4j:BloY9TCLMT9qyag45yadxrq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69ff94438439f82231f0f037cb380914_JaffaCakes118

Files

69ff94438439f82231f0f037cb380914_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c5cf95426e862be31cb032a4e72bdf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageA
GetModuleHandleA
GetProcessHeap
MultiByteToWideChar
CreateEventA
GetConsoleMode
GetFileSize
GetFileType
CreateFileA
GetStdHandle
VirtualAlloc
VirtualProtect
GetSystemInfo
GetOverlappedResult
ReadFile
ResetEvent
CloseHandle
WriteFile
WideCharToMultiByte
WaitForSingleObject
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCPInfo
GetCommandLineA

advapi32

IsTextUnicode

msvcrt

memset
malloc
free
_except_handler3
memcpy
qsort
setlocale
_initterm
_amsg_exit
exit
fprintf
_iob
atoi
_strnicmp
_adjust_fdiv

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ