f70011c94d1be4bda46a10e9e74cd3d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f70011c94d1be4bda46a10e9e74cd3d6_JaffaCakes118
Size

203KB
MD5

f70011c94d1be4bda46a10e9e74cd3d6
SHA1

2272fbd31c47b4afd9696820836e19be53964ce7
SHA256

4a364716c2a87a0a707c5570f5e841b30512ad1ba770e25d93a70f64377e06cf
SHA512

44be4635dd5d19aa893f0dd4edf583b3e121522d36d42daa61168fdcb3ce8cb6f52850bf6a92aecefe67bdae3b5cbfdb246054b800fa9f5692db6d030d415107
SSDEEP

6144:FfPKpU+W9rek0Lou56IzYmDWm2pLYJ20znr5f:F3x3/0UuEIzYmDR2pLYJ2W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f70011c94d1be4bda46a10e9e74cd3d6_JaffaCakes118

Files

f70011c94d1be4bda46a10e9e74cd3d6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3d37172d151684d92118e3e092f4d6a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAllocEx
GetWindowsDirectoryA
lstrcatA
CreateFileA

gdi32

GetStockObject

advapi32

RegOpenKeyExA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text2
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ