d72fe5e6183d090e9f745abb6dd43c95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d72fe5e6183d090e9f745abb6dd43c95_JaffaCakes118
Size

112KB
MD5

d72fe5e6183d090e9f745abb6dd43c95
SHA1

47fd464f4e36da0a8df5979a8fc713f951877e28
SHA256

a6f86bac8a4acaf9b280e247e969f4b899e13fdfd9e4d04cc5dd3ef0f47be49c
SHA512

390dd26249549aff5b80153b75aeb50dafe4912355e13c3b05adcf19e614e26136facd87b0ee6d644f34eb9aa4613e96b6b7644c960366a4ee5f493c526fd7ea
SSDEEP

192:+CDlsYZiSp8NKiQWEZcJhz6JP8VG+d5hoRsIHrm47UxM2OaVaElk8ZFfkMQYehLu:+DJYYAR1HrXUvOqvkMCvl5WWmN4WYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72fe5e6183d090e9f745abb6dd43c95_JaffaCakes118

Files

d72fe5e6183d090e9f745abb6dd43c95_JaffaCakes118
.dll windows:4 windows x86 arch:x86

012c1a5adfca9576920f29549d3090dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42d

ord2044
ord4525
ord2255
ord734
ord3403
ord4405
ord2130
ord1510
ord5086
ord4443
ord943
ord3059
ord899
ord901
ord824
ord823
ord590
ord813
ord2168
ord342
ord511
ord485
ord721
ord736
ord737
ord880
ord487
ord2640
ord684
ord492
ord4123
ord1100

msvcrtd

_adjust_fdiv
_malloc_dbg
_initterm
_free_dbg
_onexit
__dllonexit
atoi
memset
__CxxFrameHandler
_chkesp

kernel32

GetTempPathA
GetSystemDirectoryA
GetLocalTime
WinExec

advapi32

RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1013B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ