bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118
Size

578KB
MD5

bfc92b12d8ab10ac4be1c0fd8f9213f8
SHA1

a058323569e82853bc1e4ce8a6448d61ecde4447
SHA256

889d79f3b7b439bfdf2e0a079b2a51c5802a074c449f7b5c24367defcd57f833
SHA512

b7d7e891b756c47cf4402260914e04838e370fa2156abd4422400f547b81490b721dfb70597998b3d112171aabe7ab9b8dc050cdbc772adea0fc93e5b08e76ab
SSDEEP

12288:cU5e+L4JOc1UzqwtBldFKWLrROvnwhSmKdO3Ad:txLcOMUuQNKidOvnsSmKdIAd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118

Files

bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b1e0a83a483c59c9460db84a700b31e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pdb.pdb

Imports

kernel32

Beep
OpenProcess
GetCurrentProcessId
lstrcmpA
MulDiv
LocalFree
Sleep
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
TerminateThread
WaitForSingleObject
CreateThread
CloseHandle
GetLocaleInfoA
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
EnumCalendarInfoExA
GetCommProperties

Exports

Exports

qjjx

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 548KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ