baff63dbdb2972d58887d5f21bfbbbe8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

baff63dbdb2972d58887d5f21bfbbbe8_JaffaCakes118
Size

60KB
MD5

baff63dbdb2972d58887d5f21bfbbbe8
SHA1

49ce86cc0528117785c57771a914f55149b582a3
SHA256

2881f046a5ee6993e474261461a7e26cbd62cce15b1b8d5e7a92d638b0b2785a
SHA512

f8f6c56f07b0abde0bf61b06a9e0e92a7028e0fd1be28de2114de92c7b54e0d76a7d720ca7e19180a19852fc971149a5a7efb0e462c7232d6b797a46d256254f
SSDEEP

768:zwSJOmNhzHpXy1TI8VF3/UGbXAHmMCZaqIwXeWL583VUNRG2xANmV5:zPfzHpX2I2JUGbXxdwWL+3eHG2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baff63dbdb2972d58887d5f21bfbbbe8_JaffaCakes118

Files

baff63dbdb2972d58887d5f21bfbbbe8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cc6d21f80ed6b95081319972903039f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

masteaieor.pdb

Imports

kernel32

MultiByteToWideChar
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetLastError

ole32

CoCreateInstance

user32

FindWindowA
KillTimer
GetWindowLongA
SetWindowLongA
SetPropA
UpdateWindow
InvalidateRect
DefWindowProcA
DestroyWindow

msvcrt

strlen
sprintf
malloc
free

Exports

Exports

advxdhza

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ