d8fdc7428644b131fc21f17e165e640d_JaffaCakes118 | Triage

Sharing

General

Target

d8fdc7428644b131fc21f17e165e640d_JaffaCakes118
Size

320KB
MD5

d8fdc7428644b131fc21f17e165e640d
SHA1

84c877a62164f808fe457f737e9cd98a251803d0
SHA256

98e5719750aa827bfac863c6b5cf5e191a30be9b34ecce5288b1e8b4ed3511f6
SHA512

03fdb97d02d50f2599ff26069a040db3bcbdaf047f9474cb1763517478b5cd1128cf05f47ffa4b296646cabe36a677e00af279626a266ba648185a70aa637998
SSDEEP

6144:4lT2Mw9oF8K9lYznaQzSyBrh4v3Amu60tm8Qsw/x3XhhMasm/JMi2Fe4:NMyLK9lqIwh4Qmults/VhhMaX2Fd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d8fdc7428644b131fc21f17e165e640d_JaffaCakes118

Files

d8fdc7428644b131fc21f17e165e640d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1f572cb1af59b97cfd387615c70e66ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetFocus

oleaut32

GetRecordInfoFromGuids

rasapi32

RasEnumAutodialAddressesW

kernel32

GetModuleHandleW
GetModuleHandleA

advapi32

RegCloseKey

Sections

.rdata0
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Rdata
Size: 4KB - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt2
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ