4a270dc792e4b7e1efb748a73e37006e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a270dc792e4b7e1efb748a73e37006e_JaffaCakes118
Size

191KB
MD5

4a270dc792e4b7e1efb748a73e37006e
SHA1

4fa8bece82eaf8284a60dcecec5ffc2b090b71be
SHA256

c297ce68c3d196663dabdf943f937bb7b9011eb0cabc8c52608833db87ff6b31
SHA512

4a7d80bb279706c3917d0c5d789d35e46294a3b94e8cb63b7392ff0ec0bda1a7ee3fcc6be5c8e27762556c0d3481fdada33c7db254c5242a7a8db6806ec1b046
SSDEEP

3072:4CW7JxYkuKqtwUliCggjxJdCk/l+GV4UuL+28pjV1GhdshDUNL8PVdE:OeKqqUly8fAGV4wth0IZ1V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a270dc792e4b7e1efb748a73e37006e_JaffaCakes118

Files

4a270dc792e4b7e1efb748a73e37006e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7b346c49fdfb0673e6e1fd11ae9d8f54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
GetEnvironmentVariableW
CreateFileW
ExitProcess
VirtualAlloc

advapi32

RegOpenKeyExW

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ