8234a4eebe4b54281b48537df8bc9d77_JaffaCakes118 | Triage

Sharing

General

Target

8234a4eebe4b54281b48537df8bc9d77_JaffaCakes118
Size

52KB
MD5

8234a4eebe4b54281b48537df8bc9d77
SHA1

3828054abace8ae168586e16db62a65a3bdccfad
SHA256

38c24849b777e99a874636e0e57d2b4bface9ab316722e2f3190b7d5cceb38fd
SHA512

f281fc4e3749af2223a9f119c4c1dd96a1410d6525867dcc98a15fdd49bee01af3c6faf574f652b5876a2afb0c2555351dd15f1c555aeac66204802ccf42a111
SSDEEP

768:4DNLmBRBUuqpi61voz0x059PaQ31DMJtsLb1g/68PvHFsrKuo93Bl0:ymkv1wq0TCGMnsP6/DPvHFsoT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8234a4eebe4b54281b48537df8bc9d77_JaffaCakes118

Files

8234a4eebe4b54281b48537df8bc9d77_JaffaCakes118
.dll windows:4 windows x86 arch:x86

189eac7222923fd1933f5436dd28ffa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
DeleteFileA
lstrcatA
GetTempPathA
CreateEventA
lstrlenA
lstrcpyA
GetCommandLineA
VirtualProtect
LoadLibraryA
lstrcmpiA
GetProcAddress
VirtualFree
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
GetVersion
HeapFree
GetLastError
CloseHandle
WriteFile
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
RtlUnwind

user32

wsprintfA
GetSysColor

Exports

Exports

Ordinal1
Ordinal2
fOrdchk43236

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ