0b50695213b51d7967b7ff3c1bab8af3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b50695213b51d7967b7ff3c1bab8af3_JaffaCakes118
Size

172KB
MD5

0b50695213b51d7967b7ff3c1bab8af3
SHA1

04fe79fa791611572a4876c0af9185436c70690b
SHA256

56721f09012829fff856e91172cb8c28b4f3006da8ce88c9709e49c2313d1d68
SHA512

eff32f9204a007428195651a56bb1f7994b821f76826909fac944cfd90c33a4ec73e4723be3731bbeca3299f55fec1e648ebce13501e9a517c9c309a6367689f
SSDEEP

3072:J7AXvbC30enhi8R/y/jIPauHZDNZwJ9uHLkj91de5BCIMMlw1UY8pWbK:J7QbgFRfau5yj9qCNMlGNb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b50695213b51d7967b7ff3c1bab8af3_JaffaCakes118

Files

0b50695213b51d7967b7ff3c1bab8af3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

4d467bc5fce5ceaf2932746917fcb874

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Windows Dir\FileExec

Imports

user32

GetPropA

kernel32

LocalSize
FindFirstFileW
FindResourceExW
LoadResource
GetVersionExW
SetFileAttributesA
FindFirstFileA
OpenEventW
CancelIo
OpenFileMappingA
GetCommandLineW
GetBinaryTypeA
CloseHandle
GetProfileStringW
ClearCommError

Exports

Exports

_PeekMessagePeekMessageA@0

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ