74b57ccd4c344d85c7945c5473b4e496_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74b57ccd4c344d85c7945c5473b4e496_JaffaCakes118
Size

28KB
MD5

74b57ccd4c344d85c7945c5473b4e496
SHA1

2c2ba56c81759338d44a22021cbc1a07c9e5a625
SHA256

78c3e6c6f41602cd1f4c34559566ddcc68ab5bb647ac4b9fe4195112fb662c0c
SHA512

6651751ccc56b552a26ac24949719ddf4104f062c4da9897ebd1f6ab0f4b978ca6afd69b85969252060855a72d1c9a9d72feed5b9435468e36f46c9db7b34adc
SSDEEP

768:aopJMhCa9F9YcYJRn7HVuiIOpTNCVHMAU5D7NFSqeHwQ:ayJ4CaH9Yn7HVuijbCOj5d0wQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74b57ccd4c344d85c7945c5473b4e496_JaffaCakes118

Files

74b57ccd4c344d85c7945c5473b4e496_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f818c9e1378669a176110e91bb0c04e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CopyFileA
CreateMutexA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
Module32Next
OutputDebugStringA
ReadFile
RtlUnwind
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx

msvcrt

__getmainargs
__p__commode
__p__fmode
_except_handler3
_exit
fprintf
rand
vswprintf

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ