97f7ae7d3909132c5a8663b096a25001_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97f7ae7d3909132c5a8663b096a25001_JaffaCakes118
Size

15KB
MD5

97f7ae7d3909132c5a8663b096a25001
SHA1

5f02f3a89f2cd5bc14e60a079970e3afd61b71c8
SHA256

e098f6f9fe3b32db73610130ba539c6d1a88239b6c2bdf2e7dd99c440acf9c8c
SHA512

73fb44200ed3c3cf021c9942859ccdd1e7889b52f86ad26b1160bc3835bef584cc776c8d5e1b6ae091f0d019267cf4497a752cb9aadc430ad74d9c60c3056b60
SSDEEP

384:fmh7AJn4hCX1h2khgNwtWMFFM42PnplRGn7Asy+EYpw:fYJhCX1hngNwtWE0hlYn7nE/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97f7ae7d3909132c5a8663b096a25001_JaffaCakes118

Files

97f7ae7d3909132c5a8663b096a25001_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3156fb38374a9470cc2c239d8ebccec3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

GetAce

Exports

Exports

Remove
Setup
_DllMain@12

Sections

.MPRESS1
Size: 14KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 1021B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE