ac3b8d48dfd04330bcae32259c3909c1_JaffaCakes118 | Triage

Sharing

General

Target

ac3b8d48dfd04330bcae32259c3909c1_JaffaCakes118
Size

17KB
MD5

ac3b8d48dfd04330bcae32259c3909c1
SHA1

fa789d7d3f701307c13d5bce03940fd2d7fb6099
SHA256

3adf063543404a7bd95d60a4f8782c6bd32cc6e42e51b96edbd70916b636b7be
SHA512

54bd7f2635e8a7c188f33044070b6ce95d8fd0c42958ab748117dfe08f1a6cacc72ae55f894b6e89e50f7c7f332fa82ec691fb4b614858b1a747f38b2b3209c3
SSDEEP

384:r54J8NZ3mGPok5BZ36ZH5woHOuFjz2jzkz+6L7CaP/4SXIaa4WhW:r5Bf3mGPokHJ6N5wouux2jzkFv4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac3b8d48dfd04330bcae32259c3909c1_JaffaCakes118

Files

ac3b8d48dfd04330bcae32259c3909c1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f8825465423620388bc95c8ff30be649

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReplaceFileW
TerminateThread
SetCurrentDirectoryW
_lclose
WriteProfileStringW
ExitThread
LocalUnlock
GetWriteWatch
GetConsoleCommandHistoryW
GetDiskFreeSpaceW
HeapValidate
lstrcatW
PrivMoveFileIdentityW
EndUpdateResourceW
GetConsoleInputWaitHandle
SetConsoleActiveScreenBuffer
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ