3684e67b3f6f105d8ff89fd20e295b6d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3684e67b3f6f105d8ff89fd20e295b6d_JaffaCakes118
Size

268KB
MD5

3684e67b3f6f105d8ff89fd20e295b6d
SHA1

7b27c531a0b2f09cfdeff5d0d5d8f03cf2e2bff4
SHA256

65eec084f1aa23121aaa39d20afdf3d7688ac10509e61079f4bdb985e474392c
SHA512

adb3021390a25dfac9e56f5994c937b0e27db759be12db1df17167af5960ee578bb2ce584d8a3cb219a260b96af5dd3dbf95c24daf1919a51f770fa2e0548326
SSDEEP

6144:p2aKawst/oIVaR9YVWKIsgMlp71ZpCDRPEsg:p2g/faRKgpRxg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3684e67b3f6f105d8ff89fd20e295b6d_JaffaCakes118

Files

3684e67b3f6f105d8ff89fd20e295b6d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2f9eff751ce6c1481a06f535f1279d5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

vsprintf
strncpy
strrchr
_stricmp
sprintf
strtol
strchr
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
realloc
free
_vsnprintf
_ftol
_initterm
_adjust_fdiv
__dllonexit
_onexit
malloc
_ftime
_strcmpi

ole32

CoCreateGuid

kernel32

DisableThreadLibraryCalls
GetTickCount

Exports

Exports

RMACreateInstance

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ