Static task: static1
Behavioral task: behavioral1
Sample: b8a2a9f835b803c1415224255c6c96c7_JaffaCakes118.dll
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b8a2a9f835b803c1415224255c6c96c7_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: b8a2a9f835b803c1415224255c6c96c7_JaffaCakes118
Size: 35KB
MD5: b8a2a9f835b803c1415224255c6c96c7
SHA1: 9a70be42c8587ba8b720de9dc660e7b8c1f2362a
SHA256: 490ff8648ae839c33db73a2c2f44de4b75c21051a4ae86a33f09029303a07d81
SHA512: d17365cd74cc5a5a39fc42c1fbda093beb49310b90237b6b018fa2bc737c7fd6781122e1605faf75396981aea0b48b2455ba9e131de6c309f51e4707dcf6fcc6
SSDEEP: 768:hl2xrGNsUCj6VnfTRk+5+3sSpGLyzgG8wJ44rOg0:8rGsyVnfTT5yfGLyzkwa4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8a2a9f835b803c1415224255c6c96c7_JaffaCakes118
Files
b8a2a9f835b803c1415224255c6c96c7_JaffaCakes118.dll windows:5 windows x86 arch:x86
22eb6df9cfceff671609e7d60d452971
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
EnumResourceNamesA
ExitProcess
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
LeaveCriticalSection
LoadLibraryA
LoadResource
MultiByteToWideChar
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
msvcrt
_XcptFilter
__getmainargs
__p__commode
__set_app_type
_cexit
_wcsicmp
exit
fprintf
free
malloc
printf
rand
setlocale
sscanf
strpbrk
wcscat
wcscmp
wcscpy
wcslen
ole32
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ