a933cbc29f3a6971d4a0f9544efaeccb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a933cbc29f3a6971d4a0f9544efaeccb_JaffaCakes118
Size

49KB
MD5

a933cbc29f3a6971d4a0f9544efaeccb
SHA1

d64bebe66e62adece8b6c38f82b0dfda86716f44
SHA256

3612f4da073573e4a5066a9408fae36786f8c7b3a1b6ceaf61f717412e8796ab
SHA512

bd1e29429e3583b0f32c813761a95471b6140b2fc171d54163c007c4f61a408e90b5d163f7bf86c42c683a90d29154b7922648b5f029f7fdc938c16360c6ff54
SSDEEP

768:VAGRfrP+0Hgxc3MxBaLYstTe1ULBmuDasDkWd9OrrSNqrOxO3OWaAUTAs2AN3bb:VxP+gw3mTe1ULAujkWXT4OkOWqTuA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a933cbc29f3a6971d4a0f9544efaeccb_JaffaCakes118

Files

a933cbc29f3a6971d4a0f9544efaeccb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

024a6effb956c8a53b469c02482defd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

maiaciroium.pdb

Imports

kernel32

OpenProcess
GetModuleHandleW
UnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
QueryPerformanceCounter
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
Sleep
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
CreateRemoteThread
CloseHandle

advapi32

AdjustTokenPrivileges
OpenProcessToken
IsValidSid

Exports

Exports

gzgzndv

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ