b3cad61a9b67db07772ad5794e143ed2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3cad61a9b67db07772ad5794e143ed2_JaffaCakes118
Size

38KB
MD5

b3cad61a9b67db07772ad5794e143ed2
SHA1

d36dce00354e5dae55bebf3d47f648afe9c26f85
SHA256

cdd2f7f68270d464924d2607a47a25763b75a9bf820714f5d119b77adbc7b3e2
SHA512

124295ebc8c9d7118fe72dc99540a594f2235872c81bcf3f370028cef089f0c02e0c03a88a2a7ca2e953d1cd23bb463ae0e99708a29ba6f467e740d655bcecd9
SSDEEP

768:j/JHpGENoeqtJ6XkJHY1EC+7KZhhX7nJhPe6q26ZjKvckCe38dd:jRHpGENonjThY1fwsXTJhG645Kvcvecd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3cad61a9b67db07772ad5794e143ed2_JaffaCakes118

Files

b3cad61a9b67db07772ad5794e143ed2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

169df13a5a4b7c5fab36fbe213bc0e85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

GetDriverModuleHandle
timeBeginPeriod
timeEndPeriod

shlwapi

PathIsRootA
SHCopyKeyW
SHDeleteKeyW
SHEnumKeyExW

user32

ReleaseDC

advapi32

RegLoadKeyA

kernel32

GetProcessHeap
HeapAlloc
GetTickCount
GetSystemDirectoryA
HeapFree
FlushViewOfFile
lstrcmpA
lstrcmpW
GetFileAttributesA
GetWindowsDirectoryA
GetStdHandle
Beep
CloseHandle
CompareStringA
OpenEventA
CreateNamedPipeA
DeleteAtom
DeviceIoControl
DisconnectNamedPipe
GetConsoleMode
GetExitCodeProcess
GetMailslotInfo
GetProcessVersion
GetCurrentDirectoryW
GetCurrentThreadId
GetThreadLocale
IsValidCodePage
IsValidLocale
ResetEvent
CancelIo
CallNamedPipeA

msvcrt

rand
toupper

ole32

OleRun

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ