Static task
static1
Behavioral task
behavioral1
Sample
2b29764d79ef4144affb4cc0b7e1db23_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2b29764d79ef4144affb4cc0b7e1db23_JaffaCakes118.dll
Resource
win10v2004-20241007-en
General
-
Target
2b29764d79ef4144affb4cc0b7e1db23_JaffaCakes118
-
Size
28KB
-
MD5
2b29764d79ef4144affb4cc0b7e1db23
-
SHA1
941c22725648c3ba87ac17503ef511c10fec2809
-
SHA256
70a1a10d50828a183368f89318d78f6fe01e30f58fe661d65de73394c0dcd72a
-
SHA512
effb9b2beed8639cb27c9714c6b6ac405b32b2c3cd94a05d9a6677eef3af1baf4d139d2214eba8cf27d438e9446c2e5133c08f973bf56eeff5739fb49e437c3f
-
SSDEEP
768:CjxJDLtQwMqa8cOwlUxuuzHJ5ibcykW2ez0sCGIg:CjrSoa8xwlUgmJ5ibc6zxCGIg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
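Checks for missing Authenticode signature. An unsigned PE is a weak indicator on its own: it only means the file's publisher and integrity cannot be verified via Authenticode.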
resource 2b29764d79ef4144affb4cc0b7e1db23_JaffaCakes118
Files
-
2b29764d79ef4144affb4cc0b7e1db23_JaffaCakes118.dll windows:5 windows x86 arch:x86
fe91c44b848e1010b9e484763fe5a148
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
EnumResourceLanguagesA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetFileSize
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
msvcrt
_XcptFilter
__getmainargs
__p__commode
__set_app_type
_cexit
_except_handler3
_stricmp
exit
isdigit
malloc
realloc
sscanf
strpbrk
vswprintf
wcscat
wcslen
ole32
CLSIDFromString
CoCreateInstance
CoGetMalloc
CoGetObject
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
StringFromCLSID
StringFromGUID2
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ