bafe9a01037e2f793b148b25a6be7739_JaffaCakes118 | Triage

Sharing

General

Target

bafe9a01037e2f793b148b25a6be7739_JaffaCakes118
Size

4KB
MD5

bafe9a01037e2f793b148b25a6be7739
SHA1

658f222609c198a3ba8124a342676a0e1a2de534
SHA256

2c746ac22150993471843bc7b3406ebeccc5b955d9ce6e4be83448aa5810f20f
SHA512

855a262cde9d499898af37dc61fcdbadcbc108d87cdfdfb724d19dcce0aa4966163c748da3b087d15950ed195ef9009136a09e29ec2df233d3f35552b0c6fb08
SSDEEP

48:yyk8regdam2pZp1i6lc7HlPbkKNfPY08u:I8PkbRElPbkKN98u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bafe9a01037e2f793b148b25a6be7739_JaffaCakes118

Files

bafe9a01037e2f793b148b25a6be7739_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d7d03cfcde314dd9338220f955e0c9a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
lstrcmpiA
lstrlenA
DisableThreadLibraryCalls
CreateFileA
WinExec
CloseHandle

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyA

Exports

Exports

DriverProc
auxMessage
midMessage
modMessage
mxdMessage
widMessage
wodMessage

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ