8974bca08049717efd0a9098ebb9f20a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8974bca08049717efd0a9098ebb9f20a_JaffaCakes118
Size

45KB
MD5

8974bca08049717efd0a9098ebb9f20a
SHA1

c05ee1d87b9755db7395453e77ff1f73190228f5
SHA256

ce51d9b1effe6d8f5614df96fbe1ce70ae34ea93befc659c14e51db3a8e81f81
SHA512

08a60780389c8b90ef5d6e622354b35445f0dd2b48081af7ab629dd9a7a85a6e92a9a9614e68d9c72d4d483bbc762a2f4f974c1dd7a6ed5883735c795a1c0adb
SSDEEP

768:uZNCafAdUJ/jZmyocYmqH1IyeQRYbjn6x4IsCK92Y+vSn5KWm4jyyiktQEjcBUdj:uTdZfKiySjn6+T32rvS3AjEkU9sM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8974bca08049717efd0a9098ebb9f20a_JaffaCakes118

Files

8974bca08049717efd0a9098ebb9f20a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

583a031fe7a445b20ecb5d9d5e24b4f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
VirtualProtect
GetCommandLineA
GetVersion
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

msvcrt

__CxxFrameHandler
_except_handler3
malloc
_initterm
free
_wcsicmp
_adjust_fdiv

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ