262067a8435e572c835306ebe5962af4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

262067a8435e572c835306ebe5962af4_JaffaCakes118
Size

357KB
MD5

262067a8435e572c835306ebe5962af4
SHA1

53dce75597efa170a86c737720a7688bda4eb019
SHA256

6dcea2eb0e6df1731b2df7eea29e0aa69e7c0a3f4abe19e8021ca9df76722b42
SHA512

d36f7da4338e09235111fb94a9c9fca426966dd0a5ca57434cd7554dde125985c24491a4e83c818e13d912d9a17db965d8e31e9e9a54760e3397ec53642c51a8
SSDEEP

6144:rPmUs2GmlcicMLMJMrQ8t6VJ+W8QdaUn:r+Uqmm+E84VJ+tSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262067a8435e572c835306ebe5962af4_JaffaCakes118

Files

262067a8435e572c835306ebe5962af4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f45c7b3c4b95454fb84eda37ae82256c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Beep
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
MoveFileWithProgressA
FillConsoleOutputCharacterA
CreateTapePartition

Exports

Exports

gaopf

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 577B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ