ab56c1e00e863d480ea4a5c0d0f41f0d_JaffaCakes118 | Triage

Sharing

General

Target

ab56c1e00e863d480ea4a5c0d0f41f0d_JaffaCakes118
Size

512KB
MD5

ab56c1e00e863d480ea4a5c0d0f41f0d
SHA1

51dda026eac7a2c76261ae11b409fcdee5dd7d59
SHA256

166702602c3c679cad4ec6240cdfdcfbed3e225607b04f414296d7cb3b4298bb
SHA512

12e5a8beb2d267c5d9cd37fe17bd4d50755ffee089a8eec46a1a0dd12835f70dcffa1134de9bbb862954b540ab1ab6dc16952dbbc9d4c853bdbdf8e129ab1140
SSDEEP

6144:TjmXPOiwUVXvnSt2qAx5hxM2GlyDBtrE67ZpQrhDhiGgsydjfwA3b7pz:TK/OKStPEGarE4HQVAGmnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab56c1e00e863d480ea4a5c0d0f41f0d_JaffaCakes118

Files

ab56c1e00e863d480ea4a5c0d0f41f0d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9fe0814f06c36c02f525c4d0d7e04fbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pd.pdb

Imports

kernel32

GetPrivateProfileStringA
ReadFileEx
HeapFree
GetProcessHeap
HeapAlloc
Beep

advapi32

RegDeleteValueW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegEnumValueA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 723B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ