Static task: static1
Behavioral task: behavioral1
Sample: e0b5d48d4ce92f0de2f0d05fbba66563_JaffaCakes118.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e0b5d48d4ce92f0de2f0d05fbba66563_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: e0b5d48d4ce92f0de2f0d05fbba66563_JaffaCakes118
Size: 33KB
MD5: e0b5d48d4ce92f0de2f0d05fbba66563
SHA1: e3d4f45b4b8ee89c8848e120e3c24d8ba3e1bfc6
SHA256: a9324bd738bd13b97707c44d99b42b571f4f0b5e2d1fc958f54c548e8fa3907c
SHA512: d61c961dc1ee9ad0ea73518a5f3e4ba80de26ace084dc3cf802c8e0cee841299aa898bdc2cd1d33aaa4fce41c005b54e0917a6d9318d5697468cda6bec65f08c
SSDEEP: 768:TuyvdJT/z6C3HOezaChDGdMlLMBIzPc7dHQ65Gs:rJ3F4C4MlLmwWHq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e0b5d48d4ce92f0de2f0d05fbba66563_JaffaCakes118
Files
e0b5d48d4ce92f0de2f0d05fbba66563_JaffaCakes118.dll windows:4 windows x86 arch:x86
3213e6ce1f5b54f72d52941ebed85511
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetNamedPipeInfo
GetModuleHandleA
GetConsoleCP
DisconnectNamedPipe
DeviceIoControl
GetCurrentProcessId
GetDriveTypeA
GetBinaryTypeA
HeapAlloc
GetProcessHeap
HeapFree
GetStdHandle
CreateNamedPipeA
Beep
ole32
OleUninitialize
winmm
timeGetTime
shlwapi
SHGetValueW
SHDeleteValueA
user32
wsprintfW
advapi32
RegCloseKey
GetUserNameA
msvcrt
malloc
free
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 398B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ