948c133fcdfe8fa1f3ba148e71f41d02_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

948c133fcdfe8fa1f3ba148e71f41d02_JaffaCakes118
Size

100KB
MD5

948c133fcdfe8fa1f3ba148e71f41d02
SHA1

9ee33360a83c20d6118563c6a9fb1a4331472713
SHA256

15340fb705d6a798976bccff0c5b5598eb8c082f3685c76fe334568d34773a9d
SHA512

e35697732fe13cd697f1946abb0b9c02884d7c54b62c2ebdfa34c36376b478dc31a1c237b999f80a8bd4c6335a855ae776793595b788e0eb707fc44e32e0e15a
SSDEEP

1536:nPVTlGjVBnCX8rzSGD9QGeQL7NzbjHFv9FlF9BFfYRKYqgnqR:nGCX8ruGD9QGhLxHjHL/F9BRqKY5na

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
948c133fcdfe8fa1f3ba148e71f41d02_JaffaCakes118

Files

948c133fcdfe8fa1f3ba148e71f41d02_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3aa63ed5b39a521c01dd2724a79f5fc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
Beep
HeapAlloc
GetProcessHeap
HeapFree
CreateTapePartition
SetEndOfFile
CreateFileA

Exports

Exports

pmsbknli

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ