a2fbda441ab3d25a6b5c6d00ee3da247_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2fbda441ab3d25a6b5c6d00ee3da247_JaffaCakes118
Size

120KB
MD5

a2fbda441ab3d25a6b5c6d00ee3da247
SHA1

c071ce5501c412170b0f0202828bf65818242d25
SHA256

07a251da275143cff812580d8fcaae6282022fece29bb23109d73b6d117e5cb9
SHA512

d7362cfa8c9e86cc1570f0f438f2e6342d3c93853183a1b379dff866c9a193dbcc433109813c27f439f7f1cc72f040ab4147afbbe08f610388a9b9749ecd49a5
SSDEEP

3072:Y6XztG/03beRJVmSAihnz37H5xnMemaCE+XAoOqq:1tky2DmSAihnzTWQoa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2fbda441ab3d25a6b5c6d00ee3da247_JaffaCakes118

Files

a2fbda441ab3d25a6b5c6d00ee3da247_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3dff24d172f5031d837d000fcf3a81f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SMapLS_IP_EBP_8
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
ThunkConnect32
GlobalFree
GetVersion
GlobalAlloc
SMapLS_IP_EBP_8
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
ThunkConnect32
GlobalFree
GetVersion
GlobalAlloc

pncrt

free
_adjust_fdiv
malloc
_initterm

Exports

Exports

GetDevNodeStatus32Call
thk_ThunkData32

Sections

.text
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE