a02dc8e59ce3cab6b4a01ec2073dc5b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a02dc8e59ce3cab6b4a01ec2073dc5b0_JaffaCakes118
Size

57KB
MD5

a02dc8e59ce3cab6b4a01ec2073dc5b0
SHA1

a58febf3e237248e369255f9a76b93db1a3585aa
SHA256

d3a641281e8941f6e333b8b6bb4931b86da8f49839380e3e03cf0f9a80bdf3f2
SHA512

e1c6afa25bc4909e08e5c42bad251dcaee2f20a0d3ff49ccd686153bdbca5fa4a5de25f645b9d27f47c5d96c42759316f8acf5e5d5a328bbfa26e3011c7d9adb
SSDEEP

1536:knToIfMIOPFDslPby8VUooy/P6w7j8GMY9ZE9XA7XAn:ITBfCPFoVjVf7INYPE9wi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a02dc8e59ce3cab6b4a01ec2073dc5b0_JaffaCakes118

Files

a02dc8e59ce3cab6b4a01ec2073dc5b0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

805badd6b7bd74fb77a82cb2df3ce607

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
ReleaseMutex
CreateMutexA
GetCurrentThread
SleepEx
SetLastError
lstrlenA
CloseHandle
FindFirstFileA
Sleep
GetModuleHandleA
GetProcAddress
GetEnvironmentVariableA
SetFilePointer
CreateThread
GetLastError
LoadLibraryA

advapi32

OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
LookupAccountSidA

msvcrt

fread
fwrite
ftell
fseek
fclose
malloc
fopen
strcat
strncpy
memset
strcmp
strlen
_snprintf
strcpy
calloc
_except_handler3
_local_unwind2
strstr
fgets
time
memmove
strftime
localtime
rand
srand
tolower
_pctype
_isctype
__mb_cur_max
strchr
atoi
_vsnprintf
_initterm
_adjust_fdiv
memcpy
free
_stricmp

Sections

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ