f5ed9fd1a6d2b22dd553439fe4fa25b5_JaffaCakes118 | Triage

Sharing

General

Target

f5ed9fd1a6d2b22dd553439fe4fa25b5_JaffaCakes118
Size

269KB
MD5

f5ed9fd1a6d2b22dd553439fe4fa25b5
SHA1

ab75e78ab8d83cfcfd1468964e1c35c19a3edd90
SHA256

0bd9133134686b0d05b67121eb6e635f07bdb09befd1fb15b69ca789e3e1e3f0
SHA512

7b89eb7bf4032cdf315ee926c9e90718b13347aea175f08e4f8eb504db68d9e1b1ca4b991527febb9a065ecf00dca2f76168ecb9a20223b6f111e7870d8b1313
SSDEEP

6144:M2Kp62bD8DQ8SF97fAPS+G0h6oMTsOdHBOR6EsJLYl+mlg:hW/8u9064ttoHBO6EMLYl+mlg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ed9fd1a6d2b22dd553439fe4fa25b5_JaffaCakes118

Files

f5ed9fd1a6d2b22dd553439fe4fa25b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5f91c393f5511fd31bf17fa6f66ece0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetVersion
LocalAlloc
RtlUnwind
TlsSetValue
EnumResourceLanguagesW

Sections

.text
Size: 21KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 243KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ