b8182d2c9849dfa26345addd192161e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8182d2c9849dfa26345addd192161e9_JaffaCakes118
Size

21KB
MD5

b8182d2c9849dfa26345addd192161e9
SHA1

dc723ab2fbb0eaac15a9e0065eaddd4d7e66d7bb
SHA256

c2155a1b438827650dd9b175cf79b1dca4535be94b6af798275fa297b2c55e0a
SHA512

0a2b786baf45df4e9e0f2e6e0c9ae79e9c50f51eec8898d4dbc331467c2516c781685f825b8ec218020dfc2b185a3ca37bf45f6eb4ed12e38d8097a1cebcb958
SSDEEP

384:w1MgnDRPiUvdoxLzoAGhyKYGG2jJ56lpeQ2lwUHhrQfTQbG6LvVfxs+KBikK+WJU:w1nnDxipxLzoThbYGHje+tlDHVKTQsGk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8182d2c9849dfa26345addd192161e9_JaffaCakes118

Files

b8182d2c9849dfa26345addd192161e9_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6d61375a9111538d6d0fd67f6c35004c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
CloseHandle
lstrlenA
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

Exports

Exports

Export1
Export2

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 702B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ