JaffaCakes118_e2b9146da53933921ffe7990509075a5 | Triage

Sharing

General

Target

JaffaCakes118_e2b9146da53933921ffe7990509075a5
Size

19KB
MD5

e2b9146da53933921ffe7990509075a5
SHA1

03b3cbaf1e673309faefe622715b0c4558fbbaaa
SHA256

24694c2b950590fe55ff050d9b343870c02725d9450d42ad4efb39a907545615
SHA512

8fca67e3618124f16e10f251d83e16c6eb68978b014db927083d624b5a1cd87e9a304fae63a9e338687be01b0df57c4f66b383c7f39a04448f6c87c9beb9babb
SSDEEP

384:rhz2ghvlbfIx0LKi0+Uhjq3OPukQZC6By:r12Wl7I6LK1+ZOPukQM6By

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e2b9146da53933921ffe7990509075a5

Files

JaffaCakes118_e2b9146da53933921ffe7990509075a5
.dll windows:4 windows x86 arch:x86

5b719630695886c9adf3d4bc3e5a84c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

_stricmp
_snwprintf
strncmp
_snprintf
strstr
strncpy
strtoul
memset
_chkstk
memcpy

shlwapi

PathFindFileNameA
StrStrIA

kernel32

CreateMutexA
HeapFree
GetModuleHandleA
Sleep
GetModuleFileNameA
HeapAlloc
HeapReAlloc
HeapCreate
OutputDebugStringA
GetLastError
VirtualFree
CreateThread
GetCommandLineA
VirtualAlloc
LoadLibraryA
GetProcAddress

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE