d48d43e79b8432115ee2d24ca8b84ab8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d48d43e79b8432115ee2d24ca8b84ab8_JaffaCakes118
Size

38KB
MD5

d48d43e79b8432115ee2d24ca8b84ab8
SHA1

16a532d35c0125a4833d336fbe339aff9d9d735a
SHA256

5b34fe14750a7f53995839a6f2d5436a6ac9ca86cd50ac91078884c23985839b
SHA512

52561e564a7eab692fbc4fd07095137901f8a60ab05f1bc669d008465c3267dcf7c71b72b5087bfbcbf7d93ab23da5050ef08ce791cacb4bec4b8a7237683a52
SSDEEP

768:5ZBljKBW5NXheYwm5vR2fkJUcrRkGS0e2o09Fb5HyuuAfpl2fb534o463m0S7D:TBljSWHhF5JM0UcNk72v959yvfF4o73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d48d43e79b8432115ee2d24ca8b84ab8_JaffaCakes118

Files

d48d43e79b8432115ee2d24ca8b84ab8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6432f5b694eb72e7ebf00b7d0d55741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

setupapi

SetupDiGetClassDevsW

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

atoi

user32

wsprintfW

advapi32

RegCloseKey

ole32

CoInitializeEx

oleaut32

SafeArrayGetLBound

Exports

Exports

CreatePlugin

Sections

.MPRESS1
Size: 34KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE