857a28945c8d7a745c8d784a473817ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

857a28945c8d7a745c8d784a473817ab_JaffaCakes118
Size

51KB
MD5

857a28945c8d7a745c8d784a473817ab
SHA1

226aa6193c2ec6a71d54d54c71fcba1bd8835f87
SHA256

6135ef7159184913554a2317e634f2cd353752938ce090f7dd6b34f49fa66955
SHA512

cb360c25e060ed86ccaf8a48521540a489b4793bc9cb09242ec92143ba955d3b2b0dad43575f013bd99db383e24d976f4261ceafc597480b34bef96403ac107c
SSDEEP

768:qToQFgh0pP7XkhMmdT4iscZtg6rBxIqWZ4dfQCjfelE5th4u:qTjFRFXIx41c3pxddylE5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
857a28945c8d7a745c8d784a473817ab_JaffaCakes118

Files

857a28945c8d7a745c8d784a473817ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

70bbf64d0f81153373ae6d1c3e1825e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetCommandLineA
VirtualFree
VirtualProtect
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
LocalFree
InterlockedIncrement
InterlockedDecrement
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

ole32

CoGetClassObject

msvcr71

_initterm
__dllonexit
_except_handler3
_wcsicmp
malloc
free
_onexit
_adjust_fdiv
__CppXcptFilter

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ