7470f68a4b4bf42c1a28c1fb039b62d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7470f68a4b4bf42c1a28c1fb039b62d7_JaffaCakes118
Size

81KB
MD5

7470f68a4b4bf42c1a28c1fb039b62d7
SHA1

80c77808570bafa312c3f3a98297ac7f003d34a8
SHA256

484412d784fd7128e07a442e91cd2e54dfd0fee832f6931d6e1418dc1df38453
SHA512

46c2ee5261484fc60af4b4299af3be9a8c328282ff3b31e4e52809b620f6e005a80d6792d16e9bf616de00af51df095b7474f5f9f6fd99c1c7734d2747c4bef9
SSDEEP

1536:7BivdneGFO5p1S2X2AbRgGPzFzLg0ajBZW0QWeJRjrCNzVonOzqfTs:7Bivd5Aw2GugGpXg02ZW4IkaOu7s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7470f68a4b4bf42c1a28c1fb039b62d7_JaffaCakes118

Files

7470f68a4b4bf42c1a28c1fb039b62d7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b43646fe5948e62bca4f3a9563c8ca89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
CloseWindowStation

Exports

Exports

IsMmxgtnsbc
Qanhgdsula
Wwpsvykaw
Dclpmfmfsd
Mfwbuwfm
InitHlaasiqeh
Iahnqpkgbvt
ReadSejfarexr

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ