8903dcb69b55d70ba00937189bb4896a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8903dcb69b55d70ba00937189bb4896a_JaffaCakes118
Size

177KB
MD5

8903dcb69b55d70ba00937189bb4896a
SHA1

c728e4a3666cb2231117f19049893ec88f50ac18
SHA256

fd299cab23b1d7d85d65bf5f4afe3745ba7ade5042df4b712c3d2e939f1a483a
SHA512

6cfbd58a0894cec52241d9ff19d1df1e90c5fd7d615e4b14351f666d312f9ec830d74c708bf079a7ddf223c63ca0a38b92ce2cbf71443502511dd13b6ffb7fb7
SSDEEP

3072:CHwyEf5HU76wFqVzIMbV4d8bQNZRzmT6d8IrgkpgGPmlbGTr3mQVahSjhlz2:CHwyYHWMbVGZRzmTQgkp/PLjk8P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8903dcb69b55d70ba00937189bb4896a_JaffaCakes118

Files

8903dcb69b55d70ba00937189bb4896a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a977732d1a9bdd71cd0dc523c1341ca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetEvent
ResetEvent
LoadLibraryA
GetProcAddress
WaitForSingleObject
GetLastError
CreateEventA
VirtualFree
VirtualAlloc

oleaut32

SysAllocStringByteLen
SysAllocString

msvcrt

memcmp
??1type_info@@UAE@XZ
free
__CxxFrameHandler
_CxxThrowException
memmove
malloc
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv

Exports

Exports

CreateObject
GetMethodProperty
GetNumberOfMethods

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ