d0ba741c5d2fadfae9121bedeebe6409_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ba741c5d2fadfae9121bedeebe6409_JaffaCakes118
Size

815KB
MD5

d0ba741c5d2fadfae9121bedeebe6409
SHA1

22a26490dae4c0add8fc46710e0a5ab247ace0f3
SHA256

7696c7a596bf329b8e7f8f2e4d92df64217f83e9e951f91ef32fee2c4bfd30ec
SHA512

e0bb8e291c4ae239bf62aa8f2c452f33a4ccc447b92d812605d4654ccce8fe7a4484bc37ebb8ee2260867621b42b2b8dc16119c3dede5d9c46650ffaf10f5e36
SSDEEP

12288:DbHsMdTyOaFwa6cvSshLsEZ8XGpyJC/qpsuFT3iyXCe+a3KK3xIEqjn8:Xsvf+a6cX2X2CrT3i2C/a3HxXWn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ba741c5d2fadfae9121bedeebe6409_JaffaCakes118

Files

d0ba741c5d2fadfae9121bedeebe6409_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6a6a7a22f6226203c15036c157ff512e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
lstrcpyW
GetCurrentProcess
GetTickCount
GetStringTypeA
GetComputerNameA
SetVolumeLabelW
HeapCreate
LoadLibraryA
DeleteFileA
GetPrivateProfileIntW
GetConsoleTitleA
EnterCriticalSection
GetFileSize
LeaveCriticalSection
SetEnvironmentVariableA
GetCalendarInfoW
SetCurrentDirectoryA
FoldStringW

adsldpc

AllocADsMem
ADSIGetNextRow
AllocADsStr
FreeADsStr

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 803KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ