17a40aa2da4142d7fe3ec10bc9cc78bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17a40aa2da4142d7fe3ec10bc9cc78bb_JaffaCakes118
Size

627KB
MD5

17a40aa2da4142d7fe3ec10bc9cc78bb
SHA1

07a99c79396c4f6fa2161e649116271af52edf36
SHA256

ccd50540a9c8f068c637068765177577d81d13e643847095bc43a96fa919d954
SHA512

fae27eec37690c99ec72eec9722539dfcddf3640db02cc9a606ffbcbc7a104ed6142598c32e999c110baf09557329362d5324392c8b246d8fbb7013cdc579495
SSDEEP

12288:0Fmh89+iKUJDJcFm++7qd4DPjAA4XdYgqfG:Mjgi8i7a4DPjAA4XdYgqO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a40aa2da4142d7fe3ec10bc9cc78bb_JaffaCakes118

Files

17a40aa2da4142d7fe3ec10bc9cc78bb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ