9756c1492c876bfcbcbdad9c755d5e69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9756c1492c876bfcbcbdad9c755d5e69_JaffaCakes118
Size

140KB
MD5

9756c1492c876bfcbcbdad9c755d5e69
SHA1

ed03abd4b23b5c9aa5de2f6213ff61426003b3fd
SHA256

04b7a66fcd950c947b9cd02400af8668c23ad8c9b0cb690c25e44c73fd51a21a
SHA512

cb7e5521839d8a0136b4b814533da4a9eeb09561e1cccd38b0e50a66be2e1bc82355d8c5cb2455d79f9872b9a4dea0796c3ddab22f9a085f0b4efc67434a568b
SSDEEP

3072:R4wYB8NpTX2J/3gX6BngXKZSBlfeZNKUOvnCYnibsYSxbEh:RkBepTg/QKg2SXmSUOv9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9756c1492c876bfcbcbdad9c755d5e69_JaffaCakes118

Files

9756c1492c876bfcbcbdad9c755d5e69_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fb6543e139045770665f5b9bee0139fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetTimeZoneInformation
GetTickCount
CreatePipe
SetFileTime
GetFileAttributesA
WriteFile
GetProcAddress
VirtualFree
GetModuleHandleA
TlsGetValue
GetLastError
TlsFree
EnumSystemCodePagesA
DeleteFileA
GetModuleFileNameA
TlsSetValue
TlsAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ