972c4c237ffb5fd4f3b30a4cf365f5ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

972c4c237ffb5fd4f3b30a4cf365f5ca_JaffaCakes118
Size

38KB
MD5

972c4c237ffb5fd4f3b30a4cf365f5ca
SHA1

98ab7ffbda9f2ad25a1412a054bc61a1e8f2a8d7
SHA256

73651edb1904f6e91b4a46eca326c23ca08a7d1be631080433c6663b17499af8
SHA512

455f79704e75f47b3645a211558abb2772fa034a284609ce7e15da77a5b6fbe41e0e3ece64465197b201064f814c5c04871f0ed4da4a5064dbd35e6b476fd6df
SSDEEP

768:E9RDLOOHeIx8KjNh2DRsk8SlAzYpzkh6WcpzReRVkFzzx7mXHg9fo7Dx:0RLzci2DKk8SSzYBkh6hReR0D9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
972c4c237ffb5fd4f3b30a4cf365f5ca_JaffaCakes118

Files

972c4c237ffb5fd4f3b30a4cf365f5ca_JaffaCakes118
.dll windows:4 windows x86 arch:x86

46a983f0afa2867196dbb3cffc026724

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msi

ord171

advapi32

RegCloseKey

Exports

Exports

ExecNetFx
SchedNetFx

Sections

.MPRESS1
Size: 32KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE