d03acfc08509341de8451b4134804525_JaffaCakes118 | Triage

Sharing

General

Target

d03acfc08509341de8451b4134804525_JaffaCakes118
Size

56KB
MD5

d03acfc08509341de8451b4134804525
SHA1

7c58da4100318530a0e8baee6032511f20fe1fff
SHA256

3be37dd435e54dd1707aad3cb3e92ba015fe92a5ef0e80346d1bb70d9945d8e7
SHA512

820f5f5a210ef0d34525bfa8a181d5f6b9c8f2d6e4de94e3733885bd4f7dccf54345a530bde2635ba989f433e0bb62dc11ee0d06efdc5e43d1c1c0a1c21d0e09
SSDEEP

768:SkQ3cter11q29x3XodRMTxyHVXo95+CKp8yq:dtD29x3QRMTghouCKCy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d03acfc08509341de8451b4134804525_JaffaCakes118

Files

d03acfc08509341de8451b4134804525_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bc620fe4873540cf731d36c22c020368

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
lstrcmpiA
GetProcAddress
LoadLibraryA
GetLastError
GetSystemTimeAsFileTime
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
RtlUnwind

user32

GetSystemMetrics

Exports

Exports

AlcoTst
satDoc
satGen
satInit
satOnstant
satTion1
satTion2
satleDoc
satrateDoc

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ