4719d731fac1e314d22809d30a2b49b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4719d731fac1e314d22809d30a2b49b6_JaffaCakes118
Size

39KB
MD5

4719d731fac1e314d22809d30a2b49b6
SHA1

ef34f23bf52f6ce111cf0c31e08e972e9ee3b1f9
SHA256

0f5b2b20e33a92ccc8c10e1cfe4c25c1096337eba9a90cf050de492830e393a2
SHA512

9bd05348c272e2821d58848bd20ad1b457fb8f074bd8e540acc628b2947be2914727c8d02a8067b94f8ca07c689ef97d304598bfaea1317523c6b26cb91a4bd3
SSDEEP

768:eT6AGJoEL9lprTUkySmnFNf9CwfPXaf181GHjwGpFJMpFJ:eT6dt1TefFnda988DwGvJMvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4719d731fac1e314d22809d30a2b49b6_JaffaCakes118

Files

4719d731fac1e314d22809d30a2b49b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ca6769ed9d55efda76b4ebb58503c894

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
CreateFileA
DeleteFileA
GetFileAttributesA
GetSystemTime
GetSystemDirectoryA
FindClose
CloseHandle
lstrcmpA
FindFirstFileA
GetStringTypeExA
GetThreadLocale
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
WideCharToMultiByte
InterlockedDecrement
lstrlenW
InterlockedIncrement
GetVersionExA
lstrlenA
HeapFree
GetProcessHeap
FindNextFileA
HeapAlloc

advapi32

LsaAddAccountRights
LsaClose
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CreateWellKnownSid
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
LsaOpenPolicy

user32

LoadStringW
LoadStringA
CharLowerA
wvsprintfA
CharNextA

Sections

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ