42fe27f208ba587f2d2ffe3a1c77a2a1_JaffaCakes118 | Triage

Sharing

General

Target

42fe27f208ba587f2d2ffe3a1c77a2a1_JaffaCakes118
Size

143KB
MD5

42fe27f208ba587f2d2ffe3a1c77a2a1
SHA1

c157e301d83c5cb9bc6823581ef88800284d0dde
SHA256

b2bc684d0757232bc590e622cb6a099348cefa92f056be73390039679926a5da
SHA512

86bdf9c1a4b380247100cce7f36ec23c678f5f43284937b0273112268ce639d18bb96af838bfcb6f72955891f3d4229e0e7b585bbb60737bbfb01287fe5cd142
SSDEEP

1536:RDTn9YGRGDkwzwxJuSOBBUd6IXwwajjdK1OLJFfFdqrqoc/oyiJjYTdnJHHAjK0R:F9YG4wfubBzIA81OLPce//SilalLw+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42fe27f208ba587f2d2ffe3a1c77a2a1_JaffaCakes118

Files

42fe27f208ba587f2d2ffe3a1c77a2a1_JaffaCakes118
.dll windows:1 windows x86 arch:x86

24c7da8f8061ae51644fbe6c61bd005d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

kernel32

CloseHandle
CreateFileW
ExitProcess
FindClose
FlushFileBuffers
GetCommandLineW
GetFileSize
GetFileType
GetLastError
GetStringTypeA
GetVersionExA
GlobalAlloc
GlobalFree
MultiByteToWideChar
OutputDebugStringA
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantClear

user32

CharLowerBuffA
CharNextA
CharUpperBuffA

wsock32

closesocket
WSACleanup

\drake11\ft\layout

LAYOUT
CSZ

Exports

Exports

PARSEDESCRIPTION
PER003
READ2555_1
READEARN
READSCH
READW2

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ