5290c173699ebe43c2f0be3bf5302580_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5290c173699ebe43c2f0be3bf5302580_JaffaCakes118
Size

90KB
MD5

5290c173699ebe43c2f0be3bf5302580
SHA1

94cb946e33ca474da149d925636fbe4c46e4d08e
SHA256

2ac5cd31710a54ac585ab6d2eb52c814b8c2c789b1331e3021292d805f9c14dd
SHA512

f07ef39955999c3f2c2d84bc3e68666b89ecbf9b8a1f1809a1af6b04bfc7539bc594b4cd133b54cfbb1fdf77ed3a64c3ac9311216cbfd976e1d51ef7152a80b4
SSDEEP

1536:ZZS2/lG60llmp07scx45bo+ubLMHk2/xZH19J9fcVs46AqP:zw7llt7saYo+unMHJ/xZV9JlcVx63P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5290c173699ebe43c2f0be3bf5302580_JaffaCakes118

Files

5290c173699ebe43c2f0be3bf5302580_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2df740f5350921b31e34d705da3ff5e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetModuleHandleA
GetPrivateProfileIntA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
HeapCreate
ExitProcess
HeapFree
LCMapStringA
LCMapStringW
QueryPerformanceCounter
SetHandleCount
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
lstrcpynA
VirtualAllocEx
HeapDestroy
DeleteCriticalSection

user32

LoadIconA
GetSystemMetrics
LoadIconW

advapi32

RegOpenKeyExW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ