05e4b22c18b4decbc486ffcafd88ccca_JaffaCakes118 | Triage

Sharing

General

Target

05e4b22c18b4decbc486ffcafd88ccca_JaffaCakes118
Size

104KB
MD5

05e4b22c18b4decbc486ffcafd88ccca
SHA1

48b585c01fe901083d9fa96707af6d76f834a0c6
SHA256

6b7e4c36e8b3bef7d920c7757facedb2e10b68f5eed5c43001daef55561bab34
SHA512

375b9ea57685fd74cc35a99379f79c99d869ee4a35c21dfe57eaf6d93fa0d35462f1a65e8bccc4213d2924f338ae670694ece7d1931aa4d9dbe7d3aa44ad1dfa
SSDEEP

3072:t0kg3j6Wm+yeM9V4BvtsdVvtZTNVMu9c:tyjaheM9Op+dVvtZTNVh9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05e4b22c18b4decbc486ffcafd88ccca_JaffaCakes118

Files

05e4b22c18b4decbc486ffcafd88ccca_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dfac18bf99d220fc5386fff620968d4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_stricmp
_onexit
__dllonexit
_initterm
strrchr
realloc
malloc
free
_purecall
_ftol
sprintf
strchr
_beginthread
??2@YAPAXI@Z
??3@YAXPAX@Z
strncpy
_adjust_fdiv
_splitpath
_putenv
printf

kernel32

WriteFile
SetErrorMode
GetProcAddress
FindNextFileA
CreateDirectoryA
WaitForSingleObject
SetThreadPriority
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
FindFirstFileA
LoadLibraryA
FindClose
FreeLibrary
SetFilePointer
SetEndOfFile
CreateFileA
VirtualAlloc
GetDiskFreeSpaceA
CloseHandle
VirtualFree
DeleteFileA

user32

LoadStringA
wsprintfA
MessageBoxA
GetSystemMetrics
CharNextA

Exports

Exports

MPACreateComponentInstance

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ