JaffaCakes118_0e999a347d3de40fd0b554bb56624e68e0e26e219c970018edfd9f7949cf7a0a | Triage

Sharing

General

Target

JaffaCakes118_0e999a347d3de40fd0b554bb56624e68e0e26e219c970018edfd9f7949cf7a0a
Size

21KB
MD5

e87db96cd174302eb50197838cd0e600
SHA1

42a56aeb563dbd3ca10e1b3e5470d2214ddd44de
SHA256

0e999a347d3de40fd0b554bb56624e68e0e26e219c970018edfd9f7949cf7a0a
SHA512

45084a5c9d796465dc9775d1d55d2f232e164a24fb0e5adc601ca4766974ef6c06a0b55e87b85d70bdc0efe38b1095e94e4d73291828c345a3d54766760b1ce4
SSDEEP

384:6ozUso76JPyZV12j5NQY3Jxi181m101q1MhUfZeN1/8SPo/MVT8d:3ho7Cay3J4181m101q+6fWPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0e999a347d3de40fd0b554bb56624e68e0e26e219c970018edfd9f7949cf7a0a

Files

JaffaCakes118_0e999a347d3de40fd0b554bb56624e68e0e26e219c970018edfd9f7949cf7a0a
.dll windows:5 windows x86 arch:x86

0d75c24fd4eb31f9c33837dffd00b1c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageA
WriteFile
MultiByteToWideChar
GetLocalTime
lstrcatW
GetCurrentThreadId
OutputDebugStringA
CloseHandle
GetCurrentProcessId
GetCurrentProcess
GetTickCount
GetModuleFileNameW
GetSystemInfo
GetVersionExA
GetWindowsDirectoryW
GetCurrentThread
lstrcpynW
lstrlenA
SetFilePointer
CreateFileA
HeapCreate
HeapFree
HeapAlloc
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
CreateThread
VirtualAlloc
lstrcmpiA
TerminateThread

user32

CharUpperBuffW

advapi32

GetTokenInformation
GetSidSubAuthorityCount
OpenThreadToken
GetSidSubAuthority
OpenProcessToken
ConvertSidToStringSidA

msvcrt

_vsnprintf
memset
_vsnwprintf

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ