30e623cb5d8533b6a582638b0602a7e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30e623cb5d8533b6a582638b0602a7e0_JaffaCakes118
Size

102KB
MD5

30e623cb5d8533b6a582638b0602a7e0
SHA1

ac86f2197085d9bfdd250f56849f9ae278c15920
SHA256

dfeb30eff2b962f9f1f07ab800ec9e968da379f646fce9a642d423829876a6ed
SHA512

4d9867ecbb83c447748a2770c888b91d760826eed383ee3d9b2c7ad9421ec33c03f63c19198850558a6c71106ceca70fa62e3441054679756fd7c05f6291f6d8
SSDEEP

1536:Obtl7p+sBqATP1OhzXamf/9n8gfrFL+i38TR:9sYAI1fh8gfrFii38TR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30e623cb5d8533b6a582638b0602a7e0_JaffaCakes118

Files

30e623cb5d8533b6a582638b0602a7e0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2df740f5350921b31e34d705da3ff5e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetModuleHandleA
GetPrivateProfileIntA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
HeapCreate
ExitProcess
HeapFree
LCMapStringA
LCMapStringW
QueryPerformanceCounter
SetHandleCount
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
lstrcpynA
VirtualAllocEx
HeapDestroy
DeleteCriticalSection

user32

LoadIconA
GetSystemMetrics
LoadIconW

advapi32

RegOpenKeyExW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ