93d111fbb7438a183d995d5cb199d066_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93d111fbb7438a183d995d5cb199d066_JaffaCakes118
Size

80KB
MD5

93d111fbb7438a183d995d5cb199d066
SHA1

f2d27e004bd00938cc78cde6912b09ce859897d6
SHA256

4f8e8f20af013d413cff5256cdd8a08ee031cc74b9b2265ff32f3303f1a408cf
SHA512

ff0d77f733df2818710ca666a1ba1d7313dd167fc2c5035e1f88511859e7098d9ec0bf8059384200966d0dc5132ae81f021aa648cc382bb742af88698502860b
SSDEEP

1536:bfzw62gEQUmIhxkTQ8h3ZqVOY+RIoHhA9ye2a/V9Tg/mkpeDey:bf10b6TQ8/qYJHhhb4V9wmr6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93d111fbb7438a183d995d5cb199d066_JaffaCakes118

Files

93d111fbb7438a183d995d5cb199d066_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fe991fd18a74014bb305cf5b43339c9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
LeaveCriticalSection
WriteFile
GetProcAddress
CreateFileA
GetComputerNameA
InitializeCriticalSectionAndSpinCount
VirtualProtect
InterlockedCompareExchange
InterlockedDecrement
SetLastError
CreateProcessA
EnumResourceLanguagesW
WaitForMultipleObjectsEx
GetThreadLocale
GetEnvironmentStrings
GetSystemTime
PeekConsoleInputA
FindActCtxSectionGuid
WriteFileEx
SetCommMask
SetHandleInformation
SetStdHandle
lstrcpyA
WinExec
SetupComm
IsBadStringPtrA
GetTimeFormatA
GetModuleFileNameW
TransactNamedPipe
GetProfileSectionA
GetFileType
IsBadStringPtrW
GetTempPathW
LocalAlloc
GetFileSize
lstrcatW
SuspendThread
FormatMessageA
GetConsoleCP
GetSystemInfo
SetComputerNameExW
GetSystemDefaultUILanguage
ReleaseActCtx
CompareStringA
FindResourceExW
SetNamedPipeHandleState

Exports

Exports

eapNetTray

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ