a7abd348767f171dfcf151d7d9e344b6_JaffaCakes118 | Triage

Sharing

General

Target

a7abd348767f171dfcf151d7d9e344b6_JaffaCakes118
Size

41KB
MD5

a7abd348767f171dfcf151d7d9e344b6
SHA1

a2660b310a98ab3b7fb54bfb5601c74a121a2881
SHA256

d56d3d6c3dff95b1681eeda34c82d353d534bb0f9bb150b9512af11a6f8ecc7a
SHA512

a9e1325e6453c0cb50a6b10b2f2b0ba6bfa314d87c7247eb26527fd654108f417a27b8f7a637df2e7d23b4b41ebdb79725a1498dc812861a886937fd09394fa2
SSDEEP

768:Kapz2axk2rO1hGhIP8BPVYunlebX6loGagjpsh6ZPTjR6uUmTV:J/21hMg6tYulYX6OGqh4Tjc0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7abd348767f171dfcf151d7d9e344b6_JaffaCakes118

Files

a7abd348767f171dfcf151d7d9e344b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0ee3babe5f12de4ebbed88bf6ebe4ea7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegCloseKey

kernel32

CloseHandle
CreateFileA
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetCommandLineA
GetEnvironmentStringsA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetSystemInfo
GetVersionExA
GlobalAlloc
GlobalFree
GlobalReAlloc
MultiByteToWideChar
OutputDebugStringA
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile

ole32

CoInitialize
CoUninitialize

oleaut32

SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

Exports

Exports

ENCRYPTPASSWORD
SBS253

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ