c92b4d1ecfab1fb41490bed65509cb00_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c92b4d1ecfab1fb41490bed65509cb00_JaffaCakes118
Size

24KB
MD5

c92b4d1ecfab1fb41490bed65509cb00
SHA1

1514e552ff15f61a7a4cd601b6038476d64db65a
SHA256

c1078db23061f1348d25873c5d8fc7c99510f3f3c91eab81ca751462747b69fd
SHA512

d6e37d930f911588e469e969d62f19132336bd15924c7a286ac187d2212dbf513889c2782eff22d2ca0de6dbe525abe9322cb147b762464c06a4f24d3d353c59
SSDEEP

96:ji67+rF1YnrMyMcGMyBsp0LWKcyZ+ASx2o34OznArf:jv+JxyjLk2RKcyYf8XOaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c92b4d1ecfab1fb41490bed65509cb00_JaffaCakes118

Files

c92b4d1ecfab1fb41490bed65509cb00_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8e94e3a02c43ea737d7c77db240f119c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
GetProcAddress
GetModuleHandleA
lstrcatA
LeaveCriticalSection
lstrcpyA
LoadLibraryExA
FreeLibrary
GetVersionExA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
DebugBreak
DeleteCriticalSection
lstrlenA
InitializeCriticalSection

advapi32

RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ