bd6ec6b93b9fe9dff314af7f1176eb9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd6ec6b93b9fe9dff314af7f1176eb9f_JaffaCakes118
Size

69KB
MD5

bd6ec6b93b9fe9dff314af7f1176eb9f
SHA1

8bed4eb5361c2d3c33a9502bbdd5db02dc743b24
SHA256

6d5b130740b25479652b493e89e4a7f18072dfb4c4d47a3242a7ed31df6ae716
SHA512

fe88fdcc540e37b6c254b0fa5a4987d27218ff3f9184d98bb09c633768b4bd7477b318c994419a05797ce9277c58428d4d2ff5d46c92ea1c68db35df2ac7cabf
SSDEEP

1536:hXAzt0sM/Z+gK8Yt9GBKN2hy5gpJa6EU3R:hXAzWv/Z+gMt9GQN2ACpgUB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd6ec6b93b9fe9dff314af7f1176eb9f_JaffaCakes118

Files

bd6ec6b93b9fe9dff314af7f1176eb9f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

994f61f0e7f3f826bca28c1cf77b2a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

macreitum.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
Sleep
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetLastError
OpenProcess
CreateRemoteThread
GetCurrentProcess
SetUnhandledExceptionFilter
CloseHandle
UnhandledExceptionFilter

user32

CheckMenuItem

advapi32

AdjustTokenPrivileges
OpenProcessToken

Exports

Exports

zaiosr

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ