cfe9e0f08fc3807b187d478f960a5d2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfe9e0f08fc3807b187d478f960a5d2a_JaffaCakes118
Size

32KB
MD5

cfe9e0f08fc3807b187d478f960a5d2a
SHA1

0624cdcdafef0a4e5cd8671e8cfcc32f90c4bfa8
SHA256

abdc5536555f6dd79870bc1c74be9edb3df3602e563bb0c871f4d256dc24b661
SHA512

cd08bcb685cf563c4e0f0432cba17cca2323c0ddd8fd8d2b334e790bd53bcf41e83723ef5d9d57cf4cbb9df5f951a312a181571a6792b04956f3566a5222146e
SSDEEP

768:65FDiqaUKa84joTeB4+gTIIblrIo9TlQ:65FDiqPKH4joTeyJ0IJso8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfe9e0f08fc3807b187d478f960a5d2a_JaffaCakes118

Files

cfe9e0f08fc3807b187d478f960a5d2a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0219e9b62ea13b3ba80d4d1ee01a1341

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

GetInfo
GetPort
PutGetData

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ