5702620decb6e61ad540f83da8cc38ab_JaffaCakes118 | Triage

Sharing

General

Target

5702620decb6e61ad540f83da8cc38ab_JaffaCakes118
Size

116KB
MD5

5702620decb6e61ad540f83da8cc38ab
SHA1

519754dff5e422cd0bf1a478d46d0c167ab17d3c
SHA256

acd77b4b365e90394d6f21585516f511487c52fff3074a0dd9c2263d636a06a6
SHA512

f59c8f84add5b96b81d6b76d6ca74a7ac97a257a4fafd422642f5a242d191db620bd928dd38bd122d3ac0745a9bd17b570505959777d8f70468d73205d60375b
SSDEEP

3072:hvwB7ktj2GLxKf1qSjoTefvuS5eB5DS7k:hPNr8f1qgEz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5702620decb6e61ad540f83da8cc38ab_JaffaCakes118

Files

5702620decb6e61ad540f83da8cc38ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3aceb030856571ad2fbbbe99f1647495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetVolumeMountPointA
GetPrivateProfileSectionNamesW
GetDriveTypeA
ExitProcess
_llseek
LZClose
lstrcpyn
VirtualAllocEx
GetCurrentProcess
OpenMutexA
GetCommandLineW
SearchPathA
FormatMessageA
OpenWaitableTimerA

user32

GetMenuItemCount
InvalidateRgn
HiliteMenuItem
PrivateExtractIconsA
CreateAcceleratorTableA
LockWindowUpdate
GetWindowTextLengthA
IsGUIThread
PtInRect
GetMessageTime
DrawFrameControl
GetDCEx

gdi32

GetRasterizerCaps

Sections

.text
Size: 104KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 228B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ