d2c548cc1de14170288091d4216accb7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2c548cc1de14170288091d4216accb7_JaffaCakes118
Size

229KB
MD5

d2c548cc1de14170288091d4216accb7
SHA1

701b4faac946b7cc26d52f171c37562e13633d02
SHA256

4aeb3670629735233994b5cf8dc225a6a06559d6c2fce43d53501eba710e265a
SHA512

c59140713ef54d54078ec53e89a5da5f8601a235973b7c6eb7382f903100a5e465d5043e1d9a04b0c5a1c8be48dfa01a50e4e584044b389037748d06308ded23
SSDEEP

3072:5TVgK2fONkiSDpcHGYPzUosISFNLIrY2V2wSQXD27/ohCZBgyE4ID2Xt8:xVifMec17MIl7q7/ohCZ1Dt8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2c548cc1de14170288091d4216accb7_JaffaCakes118

Files

d2c548cc1de14170288091d4216accb7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

api
ִ��DOS��2

Sections

.text
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ