a4bf9a611196d65ead4b3daad6acc1d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4bf9a611196d65ead4b3daad6acc1d1_JaffaCakes118
Size

1.7MB
MD5

a4bf9a611196d65ead4b3daad6acc1d1
SHA1

b143bc98f1df45f90582e3ba2a0f9a3849541892
SHA256

1956c4d97b9ac8f107839063b7e474d4e04822ad27f02a37d0d592c16806810a
SHA512

baaf33c3a5359713d445c52ef443e2b569be2c0d6ad318017745924ee9800d0d10fd779d580b526bdcfe62223a0f7a9265302779623579c073eec2987c0da929
SSDEEP

24576:jXgOJErD3qXnT4YVbxtqRSbxIlvlG0oD6Owaw8xJP6U7+8KgzXGDGEbCIbTaqxnx:Y9IbxtqobedY6wTxJPb7+81QRCuvnx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4bf9a611196d65ead4b3daad6acc1d1_JaffaCakes118

Files

a4bf9a611196d65ead4b3daad6acc1d1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

8ecbf70054a6a2b755d9991586df9adc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
CreateNamedPipeW
GetProcAddress

gdi32

OffsetClipRgn
StrokePath
GetTextCharsetInfo
CreateCompatibleDC

advapi32

ChangeServiceConfig2A

Exports

Exports

hlrsmnauogaxa
qdhttlwgjll
qnwvvhtjaambnev

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ