255545f87285d59ee285adda1c9a2478_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

255545f87285d59ee285adda1c9a2478_JaffaCakes118
Size

126KB
MD5

255545f87285d59ee285adda1c9a2478
SHA1

40f3ef8e69be97d09e2e3e440bc8a54bdbf104f5
SHA256

78f6d51896860d35e2c2152dd84d7d72503bfda4b150d3fe5a43d9e0d15e78fd
SHA512

48a0feb140b1c84152d32f5a1fab32e52e34888e3b5d7a1adf8d377fea5d53c921dccd7b6da481cdc4471dbf7f5a021f97eeb5c6fbc43227cebea27f7be0db78
SSDEEP

1536:8+b3kejiqYcHeSemHo1chg5bJTh9yeFDNwqst86T8crZOI3T46AOn:hpWXcHe3mqsghJTPhJwzJlOIE6rn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
255545f87285d59ee285adda1c9a2478_JaffaCakes118

Files

255545f87285d59ee285adda1c9a2478_JaffaCakes118
.dll windows:5 windows x86 arch:x86

0ddc62a1c5dcc79c893170fbdba35833

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
CreateEventW
CreateThread
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
FormatMessageW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetLastError
GetModuleHandleA
GetStartupInfoA
GetSystemDefaultLangID
GetTickCount
GetTimeFormatA
CloseHandle
GetUserDefaultLCID
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalReAlloc
SetEnvironmentVariableW
SetEvent
SetLastError
TerminateThread
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcpynA
VirtualAllocEx
GetTimeFormatW
AreFileApisANSI

user32

LoadIconA

advapi32

RegOpenKeyExW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ