467b8003ae0fba3dd2a23acc8dae1a34_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

467b8003ae0fba3dd2a23acc8dae1a34_JaffaCakes118
Size

4KB
MD5

467b8003ae0fba3dd2a23acc8dae1a34
SHA1

0e75d13b5ca988aeedc567ddd058b9c05e213b92
SHA256

8acf3ffcb67dd300569648e1e83a007d849d577dc8c634db98a9463c071da54a
SHA512

073b3a9e6dfbf2ce4351e4425c1b629a45b432d0da3d576716a1d61fdb71380c7cd7e9706db5b1c4c67d01d3762b810d7d329712252bf8a44d811cc7cd7a400e
SSDEEP

24:eH1GSyk8zX0lVY+AQ5gdaut2pZQi1iKHlcXglQp274C+/lXgwFU3K3RbRkjudbjP:yyk8regdam2pZp1i6lc7HlPbkKNfPY0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
467b8003ae0fba3dd2a23acc8dae1a34_JaffaCakes118

Files

467b8003ae0fba3dd2a23acc8dae1a34_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d7d03cfcde314dd9338220f955e0c9a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
lstrcmpiA
lstrlenA
DisableThreadLibraryCalls
CreateFileA
WinExec
CloseHandle

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyA

Exports

Exports

DriverProc
auxMessage
midMessage
modMessage
mxdMessage
widMessage
wodMessage

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ