b0decdcb092ed7d56516429125eb8c63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0decdcb092ed7d56516429125eb8c63_JaffaCakes118
Size

188KB
MD5

b0decdcb092ed7d56516429125eb8c63
SHA1

7889d21af2ff140c21aaeb8a9f4662eb6cc6f2fe
SHA256

68edcdef88fec905d47ff0b9bc77c7a3913d675345b84e234948fbee81123706
SHA512

7c693d12bd2c85c225de815ca4f695605e7c81aff1823d808b8947c795ec077fb89e603ed1bf76e3bfcf5ad5e7be2dfa0a85085154fdabf3583e1272c54a9e1c
SSDEEP

3072:a5h1XjiLTOv3Ib92HY1QmDtsxJYK6U9FbOlOV752q+TSApCbWLaF:a5h1X2TE3q241Qm2xJYcFb8OV7oq2b0H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0decdcb092ed7d56516429125eb8c63_JaffaCakes118

Files

b0decdcb092ed7d56516429125eb8c63_JaffaCakes118
.dll windows:4 windows x86 arch:x86

edf61e6cc52950c4fcd7460b093c1fa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
SetErrorMode
GetModuleFileNameA
lstrlenA
lstrcatA

user32

OemToCharA
LoadStringA

msvcrt

_ftol
_adjust_fdiv
_makepath
free
_initterm
_splitpath
malloc

Exports

Exports

DateTimeTo2000
UFEndJob
UFErrorRecovery
UFGetFunctionDefStrings
UFGetFunctionExamples
UFGetFunctionTemplates
UFGetVersion
UFInitialize
UFStartJob
UFTerminate

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ