12a9cf6f8aab729ca1682f4fcf146d10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12a9cf6f8aab729ca1682f4fcf146d10_JaffaCakes118
Size

70KB
MD5

12a9cf6f8aab729ca1682f4fcf146d10
SHA1

d68e57e22d524fd40b4fa02cec68f652fa3eae53
SHA256

1768a68516e8ba1f33eb1c38af325361490e8e6a2373d026921429ce61292472
SHA512

f1224ae35c66ab5cde541b4bb3cdb09d908ef5ead077a83e0d6b7536579bf8097d63af8641aa16bb53ea8495b0a23aedfac141eb2399b72b3f9e99e8ad4a79f2
SSDEEP

768:6dNsS9OagFMqwFwI7q+Yy8HzYrUvW2mJa/PPdj/fKFQBt1g7QkeFjPToz9:WsaGMNq+f8TYEFjPRMQxYmy9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12a9cf6f8aab729ca1682f4fcf146d10_JaffaCakes118

Files

12a9cf6f8aab729ca1682f4fcf146d10_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3e3f3ce1ad31d5ce54ccd5199b90d7a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetSystemTimeAsFileTime
GetTickCount
LeaveCriticalSection
LocalFree
ExpandEnvironmentStringsA
SetConsoleCtrlHandler
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
GetProcAddress
LoadLibraryExW
WriteFile
QueryPerformanceCounter
EnterCriticalSection

comdlg32

GetOpenFileNameW

shlwapi

PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
StrStrIA
PathAppendW

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata5
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ