b92730315e7329995119a95a6af1c484_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b92730315e7329995119a95a6af1c484_JaffaCakes118
Size

256KB
MD5

b92730315e7329995119a95a6af1c484
SHA1

3915dec60791bfc168fdc9d167b57cadbb3e453d
SHA256

e8effc770e7fbf4456fdb2d0d86cd9da3ca1b9fc0d1c337c9029518d9d656928
SHA512

2c4f07269570b54092e58996510ff8d619c4a0575cb520f9e328ba2b47973fed0bda6746b3a4d0a1e51525988159eb54f557fef932f215dbc55b150262a2637a
SSDEEP

6144:N6mSKcsr4sbMi9mw6WwxD6tblGn5gL/JUrP6BKvhnHLX/NS:NkKcsr4sAi9mUwxKblGn4/JiVvxrVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b92730315e7329995119a95a6af1c484_JaffaCakes118

Files

b92730315e7329995119a95a6af1c484_JaffaCakes118
.dll windows:4 windows x86 arch:x86

56fb622be0ff8b0c6fdf58cc584960e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetConsoleMenuClose
CreateFileA
WritePrivateProfileSectionA
GetConsoleAliasExesW
PulseEvent
FindFirstFileExA
Sleep
lstrcpynA
RaiseException
IsValidLocale
GetDiskFreeSpaceExA
Thread32Next
GetFileAttributesExA
GetVDMCurrentDirectories
GetProcessHandleCount
GlobalWire
MulDiv
lstrlen
SetConsoleTextAttribute
LocalSize
lstrlenA
InterlockedDecrement
GetCurrentDirectoryA
FreeResource
GetDriveTypeA
QueryPerformanceCounter
GetThreadPriorityBoost
lstrlenA
VirtualAlloc
EscapeCommFunction
HeapCompact

gdi32

SetViewportOrgEx

shell32

SHGetSpecialFolderPathA

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 244KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ