294956579e7832e66baf5a6f0933f27a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

294956579e7832e66baf5a6f0933f27a_JaffaCakes118
Size

60KB
MD5

294956579e7832e66baf5a6f0933f27a
SHA1

7dfdb74cca381645bc1bc35e4597a7471d791550
SHA256

748055e0de00a6c858b7004cde2f1b05eb685ecf66cb1df12e8a40e66c2b8e61
SHA512

f2e796860b7ea969ef73d6161e74d49053c161660d78b76bbbc4d2522d4f7bf7fe1aa92fb70d1ae0ebee21d751cff2531287599041be32649f7656790e080836
SSDEEP

768:7prp0o4AMMVkGxiXto0DqCdX29LNZpdfkEIXWd3XqLVndfBd64C:7xitFo0vX4ZpSXG9XqZdpd64C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
294956579e7832e66baf5a6f0933f27a_JaffaCakes118

Files

294956579e7832e66baf5a6f0933f27a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

845914709c5feb3577c20c9bf35b6e1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
VirtualProtect
GlobalFree
DisableThreadLibraryCalls
GlobalAlloc

msvcr71

_except_handler3
_adjust_fdiv
malloc
free
_initterm
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ