d72b7b60b052d04d17d0139f5736f0c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d72b7b60b052d04d17d0139f5736f0c1_JaffaCakes118
Size

57KB
MD5

d72b7b60b052d04d17d0139f5736f0c1
SHA1

d99b1d5c8eacbe51d8788b2a0f7ffa9daf40dbd8
SHA256

0933c90b8d0e7ab6e4b5f56304a23021a6a0bdc415ccfc95c8b64d81a19f11d8
SHA512

940bf933e64d387f08ee44555fddbd78ba22cc57de6a942369da66bc7bb1ba93dc6b1e71cca05935f5c9916de2fb6de37d4144a5621271fac515885118ff1d55
SSDEEP

1536:SraL57dToC7k+SsWu3zbWSrXfUtY/qoWca8:xLzEC4hsL3lrPUa/qoWca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72b7b60b052d04d17d0139f5736f0c1_JaffaCakes118

Files

d72b7b60b052d04d17d0139f5736f0c1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e11c9a512d259230f0970a5c83986eb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcat
GetCommTimeouts
GetNamedPipeInfo
SetSystemTime
GetTapeStatus
RtlFillMemory
GetConsoleInputExeNameA
SetCommMask
GlobalFree
GetDefaultCommConfigA
GetSystemTimeAdjustment
lstrcpyA
GlobalAlloc
GetStringTypeExA
LockFile
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

IsKrhyuhljgwf
SetEnvnyvmpi

Sections

icode
Size: 4KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: 39KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ