6fbed2ea7c717b9679f5b67d42ad1deb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fbed2ea7c717b9679f5b67d42ad1deb_JaffaCakes118
Size

75KB
MD5

6fbed2ea7c717b9679f5b67d42ad1deb
SHA1

e7b5b088f9fe2d715ce3d23c45386d38f850932d
SHA256

064ac92c9c1634cb98ec4caab339cde2d95d61e1ed860eab619adabd715b0de0
SHA512

04c0ec3941158a554e7f9f985f2a4865f7ea126c88ce08dd913a83803228353464b42efc2a284c0b2c9620811b8204fc02b3c1368e7bccd2d541ca42f3b21831
SSDEEP

1536:cqw5RD5T15dshD4+v97JaQ+bK65oRf+YfWWLtkx3mXUVP4paCkIz+p2GEsy1:65v1A5R+bGRHpLt++0gpaCkIipOsy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fbed2ea7c717b9679f5b67d42ad1deb_JaffaCakes118

Files

6fbed2ea7c717b9679f5b67d42ad1deb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e7e81f9f13a99db7631add600b7d1a5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapAlloc
LoadLibraryA
WriteFile
WideCharToMultiByte
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
lstrcpyA
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP

ltkrn13n

ord282
ord189
ord188
ord192
ord283
ord166
ord190
ord191

lffax13n

ord201
ord200

Exports

Exports

DllMain
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ