bc36a82b4641bb905f922971ca503c10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc36a82b4641bb905f922971ca503c10_JaffaCakes118
Size

160KB
MD5

bc36a82b4641bb905f922971ca503c10
SHA1

1a74b1e56c2abe4029edfdba94ced4265bf6b07e
SHA256

ce819e895fc4658091097766bac6dd5e0793fd6a71c109858b8bb6ba505ee6f3
SHA512

20bb14b4ea5c3217b2ebe5b4f31611dc3a094ec144648a99855fcbb640bf7a0b3b740d91235960427b74d937eae0c90069b7c4ff35ca56f071665467f2fbbdfa
SSDEEP

3072:aNvHY9FImUVE+fpVAl5OX0siEq68Gf8NrGjpP6U/6EYI:alHcF2VEupGmXwR68+8IlP6bL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc36a82b4641bb905f922971ca503c10_JaffaCakes118

Files

bc36a82b4641bb905f922971ca503c10_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71b605aa9022015ae8e0d7c03e6759ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
CreateEventA
GetCommandLineA
LoadLibraryA
GetProcAddress
CloseHandle
GetModuleFileNameA

ole32

CoSetProxyBlanket

user32

PeekMessageA

advapi32

DuplicateTokenEx

Exports

Exports

SysUserdsc

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ