d0b6f29e798827ae2451846b54b3c32e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0b6f29e798827ae2451846b54b3c32e_JaffaCakes118
Size

53KB
MD5

d0b6f29e798827ae2451846b54b3c32e
SHA1

cfc84ece2530c6b0985d6ea0e3919f8e4dcba6cb
SHA256

c0dab49f13fa15073e72c1ee21ea8140285d7e878dd4bf904c21bf8c5238bf4b
SHA512

760b4f26480b32ffd2186b5c275123afa3e4461bf534def804978b115547edbffbef510a2e5a1b9808ef6ec4b5017e1830d3ec1fea137b48147b7de4d2c63c47
SSDEEP

1536:qvnV04qDSiTYuNwU7MFRLZE2bu94vL9W:5IiTXTgFRLG2bF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b6f29e798827ae2451846b54b3c32e_JaffaCakes118

Files

d0b6f29e798827ae2451846b54b3c32e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8ee81745aa6198e20ff3b9df68ac69a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
WriteFile
WideCharToMultiByte
GetConsoleOutputCP
WriteConsoleW
GetConsoleMode
GetFileType
GetStdHandle
GetModuleHandleW
LocalFree
FormatMessageW
GetVersion
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
GetLocalTime
lstrcatW
lstrlenW
lstrcpynW
GetCommandLineA
GetTickCount
GetSystemTimeAsFileTime
VirtualProtect

advapi32

CheckTokenMembership
FreeSid
AllocateAndInitializeSid

ole32

IIDFromString

msvcrt

wprintf
__CxxFrameHandler
_except_handler3
_amsg_exit
_wcsicmp
free
malloc
exit
_initterm
_XcptFilter
atoi
memcpy
_snprintf
_adjust_fdiv

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1018B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ