636ea7d78b3b8216556da3aa55cdaf43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

636ea7d78b3b8216556da3aa55cdaf43_JaffaCakes118
Size

14KB
MD5

636ea7d78b3b8216556da3aa55cdaf43
SHA1

55a6b37e1ccb5c6381e993c3710373414e9d0f12
SHA256

eea52b8b302fec81a905a9495a965891ce1323661e866fb918831aeae1d1eb40
SHA512

ece5220a5052e420e81b4af78b09122261e4de4611ae5e9248c59729953c9ce20fd39ade0b9ca73bd30852ab1013b713a24c93ab1b738ae16311411d185a65ef
SSDEEP

384:ukiVhNjxlR2p9yVQyR+S+two9qz/ECFjkb:ShNjZ2pY2SdPo9w9jW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
636ea7d78b3b8216556da3aa55cdaf43_JaffaCakes118

Files

636ea7d78b3b8216556da3aa55cdaf43_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ddae9216dcdd05b0cac69a15bca38be6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
WriteFile
LockResource
LoadResource
SizeofResource
CreateProcessA
GetFileAttributesA
CreateDirectoryA
GetTempPathA
GetSystemDirectoryA
GetCurrentDirectoryA
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
FindResourceA
MapViewOfFile
HeapAlloc
GetProcessHeap

advapi32

RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllMainPoint

Sections

.text
Size: 1008B - Virtual size: 996B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 784B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 16B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ