a982a43d0043e77fc5b7633c0dec7862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a982a43d0043e77fc5b7633c0dec7862_JaffaCakes118
Size

27KB
MD5

a982a43d0043e77fc5b7633c0dec7862
SHA1

728c6a6709f41fb6110695fa8e36d33613a03e9b
SHA256

c305d9216d125090fcd0dba2323d0e46cb664250f46a2367e88306ed98fbc33c
SHA512

5aa2fbd253bc897b69586bee94659d264b2e6e0ce3bab25315ea31186c43cd37b6465dd839291cea4995a5b8b1294f3cb05f1a6d822c38dfa9e79b554b1c5ac5
SSDEEP

384:AiVPY9VP98FoQ5OTJ3zGNR4OUGZZFECWBWQX1Uc7D696cgBaciOg:tJ+GP5OF3zGNSO9HqXD605L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a982a43d0043e77fc5b7633c0dec7862_JaffaCakes118

Files

a982a43d0043e77fc5b7633c0dec7862_JaffaCakes118
.dll windows:5 windows x86 arch:x86

dc4f813d4e8f8ad9f2a6ac1b19784609

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleW
LoadLibraryA
GetProcAddress

advapi32

RegOpenKeyExW
RegOpenKeyA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data2
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data3
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.dc
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ