27c75734688af33c40bcee7cdcf5454d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27c75734688af33c40bcee7cdcf5454d_JaffaCakes118
Size

156KB
MD5

27c75734688af33c40bcee7cdcf5454d
SHA1

ba07c8374fc55a9d12b3d0bfa9d2c6ee7df19ebe
SHA256

0c70357d8bf2cd0a6cbf9e548d5eb339bc9d8381e2cdb689c2416145e4f5ab62
SHA512

15b2328ba3d61069c9c6315f35b0a87d275a58f53c23ede9f67337649026912c91c436c67a755d1dd581e7c55b3a4dec514b62ab132eaa729fcab4d3b41e7640
SSDEEP

1536:cqSh1K1qPPlF3Iczbkl06as2Z/uHjeCBE+fKTlLMSERAqFRdP5EZI:cqYs1qTJYleaBXfKpiaqFfKZI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27c75734688af33c40bcee7cdcf5454d_JaffaCakes118

Files

27c75734688af33c40bcee7cdcf5454d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e2e4e514e62b8d35dcde834f97424511

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dta\ata\Ll.pdb

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
strerror

advapi32

RegSetValueExA
RegCloseKey

kernel32

GetConsoleScreenBufferInfo
LocalAlloc
DebugBreak
GetStdHandle
FreeConsole
WideCharToMultiByte
GetConsoleMode
OutputDebugStringA
InterlockedIncrement

user32

LoadStringA
wsprintfA

Exports

Exports

trertyiytrehg
xvdsedsfdf

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1006B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ