74b1f6e78f8a4b0f5ae4e4f805e5aef5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74b1f6e78f8a4b0f5ae4e4f805e5aef5_JaffaCakes118
Size

48KB
MD5

74b1f6e78f8a4b0f5ae4e4f805e5aef5
SHA1

ac4a1864a3d6f0db41821ee569c57d891c6c1b0e
SHA256

3b9585556b461781e76940c8c651ff1e9e9a853db1f2b5e10cd4df6adf96487c
SHA512

2c9043bc88ace78ccb9df41c16920bfb6cc0216ae6914a78d4ebd22e998ac18c3de947a81080103e634ed8c0b8044c078270a3bb581346f8645e3c7b5ffab271
SSDEEP

768:KloxsWKdJMsfDHvL0zNimhjVvw0GCr2LWryXLXo9N+HxQ:8oyfssfDHvL0zEmdV40GCyL7job3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74b1f6e78f8a4b0f5ae4e4f805e5aef5_JaffaCakes118

Files

74b1f6e78f8a4b0f5ae4e4f805e5aef5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9f8cfd43ddf43601dacd36a45f15f302

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
lstrcmpiA
GetProcAddress
LoadLibraryA
SetErrorMode
GetCommandLineA
GetSystemTimeAsFileTime
GetStringTypeW
GetStringTypeA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
RtlUnwind

Exports

Exports

tvAttrb
tvCalibrateDoc
tvGenConstant
tvPrepaireDoc
tvReportInit
tvSimpleDoc
tvSimpleGen
tvSituation1
tvSituation2

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ