bf494045b867d94ebf627074bd6040fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf494045b867d94ebf627074bd6040fa_JaffaCakes118
Size

24KB
MD5

bf494045b867d94ebf627074bd6040fa
SHA1

45466beccf54a68133179e98b1288a8ba79ff858
SHA256

79d54998cf71b2786311dcabc15b56ee05c60fd5bd72943406d993b9fca75f30
SHA512

8dc0ef34e5203985da0f4fca4c7654e41ab8db8da6e29705556f2402311afe91c8193fd080e1d6dec26517cc77d81291a5193b946fe3826c1e3824af45e5bbde
SSDEEP

96:xUf6JXAwWKnUttplJZu56BjoChyX1YimcILIR8A7gzwdQquNJVcZYKTl8Z:Y7vyyj256BcCEYil0YJiZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf494045b867d94ebf627074bd6040fa_JaffaCakes118

Files

bf494045b867d94ebf627074bd6040fa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cafb8c3d2773cd2baee43f1a2ae02498

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset
strcpy
strcat
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
_vsnwprintf
free
_adjust_fdiv
malloc
_initterm

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

user32

LoadStringA

kernel32

CreateProcessA
CloseHandle
CreateFileMappingA
MapViewOfFile
InitializeCriticalSection
DeleteCriticalSection
OpenMutexA
ReleaseMutex
GetLastError
UnmapViewOfFile
lstrcatA
OutputDebugStringW
GetVersionExA
EnterCriticalSection
GetTickCount
Sleep
GetExitCodeProcess
LeaveCriticalSection

Exports

Exports

EnsureOnline
RasCustomDeleteEntryNotify
RasCustomDial
RasCustomDialDlg
RasCustomEntryDlg
RasCustomHangUp
SetClientStatus

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ