0ad8c5698aacfa9951dc50ffcfbae679_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ad8c5698aacfa9951dc50ffcfbae679_JaffaCakes118
Size

87KB
MD5

0ad8c5698aacfa9951dc50ffcfbae679
SHA1

2bd74e52f1c4939f114444055c4bef9ae27b2a37
SHA256

6a3f79153404e25a1e87a9f1f2934bfe3912a6e76a6442f8bccc1df08be4930f
SHA512

d95a7d81e719577a69acefcdc104e635528c5a1b3cf8a31c3200f7c6a326c15920180776aaf986d7df5a5f822ad99441e97ab9972078511a1be300075b18d0a7
SSDEEP

1536:ozsOEjp/5jwrFpA40V+9e0QTunk97+SfYcLy0GFONKrXk3YHKIHXp:ozb+/1w5oke5Tf78cu0GsLeNHZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ad8c5698aacfa9951dc50ffcfbae679_JaffaCakes118

Files

0ad8c5698aacfa9951dc50ffcfbae679_JaffaCakes118
.dll windows:4 windows x86 arch:x86

92914fded8a4ba0e7ee6cd99bd64e624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
ExitThread
FlushFileBuffers
GetSystemTimeAsFileTime
GetVersion
OpenFileMappingA
RaiseException
ReadFile
SetEndOfFile
TlsSetValue
lstrcatA

msvcrt

wcslen
wcscpy

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ