0336ff852e9f8f5d1a90108927246ff1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0336ff852e9f8f5d1a90108927246ff1_JaffaCakes118
Size

100KB
MD5

0336ff852e9f8f5d1a90108927246ff1
SHA1

082b175d9545aec43c046a3d6997dd98566270c6
SHA256

e204db10f8b85c130ca6bac84c22a81a4dd80afd22a5f54dcf39447269a226d4
SHA512

1f6045c49dfd1ca812031d1b05a9210d2100e0aec906defb705310faa6d89c94a0cd625777b63b46b9d7bcd4923a88a14b17aa4df624f9adcab0d9b23d616e8a
SSDEEP

1536:rvGocbxzJmtSgww8rWV/8RHeKfTneqboV3Hda49zIDUyjrvGekSKhxDQWY4kI+3E:r0bxzEsgww8Sq/Tzoe+yj3axN+qnr4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0336ff852e9f8f5d1a90108927246ff1_JaffaCakes118

Files

0336ff852e9f8f5d1a90108927246ff1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

24c848cf510c15bec555a5400f8243f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleAliasesLengthA
SetPriorityClass
GetCommMask
GetUserDefaultLCID
VerSetConditionMask
GetEnvironmentStringsA
FindAtomA
ReleaseSemaphore
CancelTimerQueueTimer
GetShortPathNameA
GetConsoleScreenBufferInfo
GetComputerNameA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ