379f295184af7c51f4523a383140b7e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

379f295184af7c51f4523a383140b7e1_JaffaCakes118
Size

37KB
MD5

379f295184af7c51f4523a383140b7e1
SHA1

4f5ae403be09d3ef202ad25d33e86db1342e3d01
SHA256

ebc40fb27052827dc3f1bee906423179c3da58c5e50201dfe806ca58d6845e78
SHA512

ea581221be241c7896e5e5f795b31b1a9047dd2107b21ebc74ba389342aa6f04df067f0310ac9acac1783a1ed5eaec4d210f65a18a752769a93fc8009e0fdbea
SSDEEP

768:E87sxnXInQQkr9uhIDlWwimgNeR7KQYlQoGhM0c3:VAxnI2Awkwko7KQYGo+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379f295184af7c51f4523a383140b7e1_JaffaCakes118

Files

379f295184af7c51f4523a383140b7e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3b6e3b0f276cd8981b021d6bbced6749

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

ExitProcess
GetSystemTimeAsFileTime
CloseHandle
GetStartupInfoA
GetModuleHandleA

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ