fa609e844de281b2f13b107077d021c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa609e844de281b2f13b107077d021c4_JaffaCakes118
Size

22KB
MD5

fa609e844de281b2f13b107077d021c4
SHA1

399a4cc0e20d8feaa2df425490d0f3e71ca9a305
SHA256

fe4bd1bda1b36b516c69b8dda44b168c0cff41fe6a8b669bc51a45610f1a0151
SHA512

ca9adff031966d49708bac122bdadade96cd0001026d6f022e2e30c7dbc3c6e41bcf527a6213e3c8eb76deec2eb066d2b01be6e6976486ad4441106e8fa66dd2
SSDEEP

384:9SxDsPlBqqPNiaBW2mI5lwaP2/J16wS2L4u7ugfv/rhC//yAssSizB:9StsrFllQ2mil9P2/J4F04yFvtC//yAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa609e844de281b2f13b107077d021c4_JaffaCakes118

Files

fa609e844de281b2f13b107077d021c4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9c0432e1910a7f6b5d39ec1826872d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcessHeap
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
Sleep

Exports

Exports

Control
DllRegisterServer
FreeBuffer
Release
Start
StopW

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 385B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ