2780cf2477a5ad6508415daa0cb81ab8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2780cf2477a5ad6508415daa0cb81ab8_JaffaCakes118
Size

5KB
MD5

2780cf2477a5ad6508415daa0cb81ab8
SHA1

faf662c950e8ecc83d28f9845dd19c3f29c0d37d
SHA256

f61b92551f46abb424f59031b65528d175e528599ee3c560b7b4ccbec2fbe56b
SHA512

66d613f5a0e66876fec5023e6decb0608b7b7692a01cde3d5db610e893dc5b63a0908ee10ca0f4df9211405385ed91e26bf59758f28d1bd1cb1c3684c62146ff
SSDEEP

48:KkWBzCabP/xaxmpFeVTjA0fPH6Bilf+l7VuSIXSTo:ziCVmpFeVTjA0a0N+BQSICE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2780cf2477a5ad6508415daa0cb81ab8_JaffaCakes118

Files

2780cf2477a5ad6508415daa0cb81ab8_JaffaCakes118
.dll .js windows:4 windows x86 arch:x86 polyglot

17fb0a33af4b42eed8d0236e198eaff8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA

kernel32

VirtualAlloc

Exports

Exports

CreateProcessNotify

Sections

.text
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ