a560afec517e27d1e277870e0d37e441_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a560afec517e27d1e277870e0d37e441_JaffaCakes118
Size

3KB
MD5

a560afec517e27d1e277870e0d37e441
SHA1

7271db514a08d5c4450db47527cf4774cb956fc1
SHA256

612ae62b7a5f6d9eef2402e8f7497a92c3735797e0a25668e1748bbe72303a00
SHA512

8f33d98d44dd03fab2dc5756cc91dc856bef083a180cd1d4389028fb1f70bf371b671022175bceb4c4aa240f82682f25b999515a500ac1e6be65856f3cf5a307

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a560afec517e27d1e277870e0d37e441_JaffaCakes118

Files

a560afec517e27d1e277870e0d37e441_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5e7de264a8ecd42e21e383daab0585aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegEnumValueW
RegQueryValueExA
RegSaveKeyW
RegEnumKeyW
CryptAcquireContextA

kernel32

ReplaceFileW
VirtualAlloc
GetModuleHandleA
MoveFileExA
GetVersion
CreateFiber
ReplaceFileW

Sections

.text
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ