53330f0fda02b5bc6447b53a6347dbc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53330f0fda02b5bc6447b53a6347dbc0_JaffaCakes118
Size

156KB
MD5

53330f0fda02b5bc6447b53a6347dbc0
SHA1

528382218ec769c4d6b40a7cf432ae91b862209e
SHA256

448f823a95edb3b8e41b567f8e5bc7992839b4a515193fafe2b884e37dba9908
SHA512

cf5ca2e2c909f73af7f20d915a1a46eb27e5b3a36e2c694b42725da3cf2597324826dd6f6395d5e69a06a0e6965a6c502c9d9d02fa12f94e6631d6c21e8cb5a8
SSDEEP

1536:wjdg6NnyDcbcBD1IoXSWfJKsMVGJtj3hJ3LlcNND:wjntyDP+oS+YSRiD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53330f0fda02b5bc6447b53a6347dbc0_JaffaCakes118

Files

53330f0fda02b5bc6447b53a6347dbc0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

efd285586ebddc7a90bb78b8d2973006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\asdf\s34\p;'po!@!#dfg.pdb

Imports

msvcrt

malloc
memset
_onexit
__dllonexit
_adjust_fdiv
_initterm
free

ole32

CoTaskMemFree

kernel32

FreeConsole
RemoveVectoredExceptionHandler
GetCurrentConsoleFont
lstrcmpA

user32

WinHelpW
IsWindow
DispatchMessageW
SetWindowLongW
CharPrevW
RegisterWindowMessageW

gdi32

DeleteDC
CreateCompatibleDC
GetObjectW

Exports

Exports

Cghrtfui78tyujytuj
hwQWsvDfZPlaHZzgkdhb

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ