376d4c23ee610fdc91a3d6b8f388ff0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

376d4c23ee610fdc91a3d6b8f388ff0c_JaffaCakes118
Size

39KB
MD5

376d4c23ee610fdc91a3d6b8f388ff0c
SHA1

f67dc6b8d32761d9899157e598c67f6adc22e54b
SHA256

d4f056dbd3da9d93f7f695972d493bf94514b494d67d4effb5cf9a992702171d
SHA512

bc35c158058c9fda9507b20208828832e271fa737258e101223298d0739bfe9672007bbd5831abf5d096f1a8329789e266310db0f3315d2ab7e74d03c6d4c0bf
SSDEEP

768:b9MZiX/AyEnkrxc/O9eIhWYVMu9tZrRQO5R9/LpM4dX8zAdg8MFKgS7Dh:EIA7yu6fVMunjQO/lyGeFKgu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
376d4c23ee610fdc91a3d6b8f388ff0c_JaffaCakes118

Files

376d4c23ee610fdc91a3d6b8f388ff0c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

cd9e51169b2aadc97406b3bdcae06299

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msi

ord171

advapi32

RegCloseKey

version

VerQueryValueW

Exports

Exports

ExecNetFx
SchedNetFx

Sections

.MPRESS1
Size: 34KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE