fb0ae97f6fb4ebaf6ee9d5b5c5c20bbd_JaffaCakes118 | Triage

Sharing

General

Target

fb0ae97f6fb4ebaf6ee9d5b5c5c20bbd_JaffaCakes118
Size

92KB
MD5

fb0ae97f6fb4ebaf6ee9d5b5c5c20bbd
SHA1

c6786cdd18b2355dd3d4314c5ceb3dfe33a620ae
SHA256

314f759760b3575a30f38d2a8a829788a0ca2993b36a8d77af543279b31cd94e
SHA512

dc78d5c4688c356cd06772f756ac34eaee7c2e9bd9ba7e619e0d21c3906c8917b6e66b583fad5485ba89682886945a753b119fdf924442acbf9c3f97acce83c8
SSDEEP

1536:WKPMMVtMXMfLzDij8sMpsvzBToZmdTlEZXf3KkWRQAZfCjIP1jq5D0bP:rketM8TzWjgpozd7TlEZu5ZCjaeBi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb0ae97f6fb4ebaf6ee9d5b5c5c20bbd_JaffaCakes118

Files

fb0ae97f6fb4ebaf6ee9d5b5c5c20bbd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b1a549eec284461ee9dc78964a7ea8ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

motatster.pdb

Imports

kernel32

CreateHardLinkW
GetVersionExW
GetFileSizeEx
GetTimeFormatW
GetDateFormatW
GetLastError
FormatMessageW
GetCurrentProcess
GetCurrentThread
GetFullPathNameW
GetDiskFreeSpaceExW
GetSystemInfo
GetVolumeInformationW
GetDriveTypeW
GetLogicalDriveStringsW
SetFilePointerEx
SetEndOfFile
DeleteFileW
GetModuleHandleW
GetProcAddress
CreateFileW
DeviceIoControl
CloseHandle
LocalFree
GetModuleHandleA

ole32

StringFromIID
CoTaskMemFree

user32

GetWindowLongA
FindWindowA

advapi32

OpenThreadToken
AdjustTokenPrivileges
OpenEventLogW
ReadEventLogW
LookupAccountSidW
CloseEventLog
LookupAccountNameW
RevertToSelf
CheckTokenMembership
AllocateAndInitializeSid
ImpersonateSelf
LookupPrivilegeValueW
OpenProcessToken

msvcrt

wcscpy
isalpha
calloc
printf
wprintf
towupper
swprintf
toupper
wcscat
wcsncat
wcslen
free
isdigit
malloc

Exports

Exports

kmjiftxvo

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ