7716598d32853f5a5363fb0d72e65ecf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7716598d32853f5a5363fb0d72e65ecf_JaffaCakes118
Size

1.6MB
MD5

7716598d32853f5a5363fb0d72e65ecf
SHA1

14ded0f1cefb32312c42ade52be9b70c5a858c84
SHA256

c96a2707ef84852bd1984f597911cdbcb3d30c6fa52792adafa1fad7cd610219
SHA512

55f6253aac35a401298319f94f410b61431384b382f02b3f207011d41ea81b45946a27eec49420bdb92a127ea0d4c47cdd073788a769add41892123029da38a5
SSDEEP

49152:Iy6IUqz0qFC2/BOHFRiUMwSO2SsoY/Z8W6onouAPlcr/5N5:IhdqIqFC2+FZMw3Rsnz9ouAdcd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7716598d32853f5a5363fb0d72e65ecf_JaffaCakes118

Files

7716598d32853f5a5363fb0d72e65ecf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

df08b1ecbd2c58f4b1df394806ff2d47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
ExitProcess
FileTimeToLocalFileTime
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetExitCodeProcess
GetFileTime
GetLastError
GetLocaleInfoW
GetLongPathNameA
GetModuleHandleA
GetPriorityClass
GetProcessHeap
GetProcessId
GetProcessVersion
GetSystemTimeAsFileTime
GetVersion
GlobalAlloc
GlobalFree
GlobalUnlock
HeapSize
IsValidCodePage
IsValidLocale
LCMapStringW
LoadLibraryA
MoveFileA
OpenEventA
PeekNamedPipe
RemoveDirectoryA
RtlUnwind
SetEvent
SetFilePointer
TerminateProcess
VirtualAlloc
WideCharToMultiByte
WriteFile

user32

GetSysColor
LoadMenuA
MessageBoxA
PostQuitMessage

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ