da5f2e0171a16f0bd5536864068be964_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da5f2e0171a16f0bd5536864068be964_JaffaCakes118
Size

685KB
MD5

da5f2e0171a16f0bd5536864068be964
SHA1

812c85f5b04bb46f74f1f1b17f5681ddeb34f930
SHA256

c32e7a1b035ca77fe226b8396e1d7143b9284285136cca0c9730c28c66048123
SHA512

35ccf08509d2d6581cc80bbcafa66794d1ef99faaa8e0374c5e0b82cfa7f6435fabb3f740db37ec2ec7b73abe043509fa4a0accd40e2509edc6467304b1700a1
SSDEEP

12288:eZcvQsnNEUj/sDLfGAGut2OfCKMJh3OQPOvdhXN8cm0Lwf+1okbZMzQG+Vc:0cvfnNEUj0DLfVGut2Ma3O3XN7wU5b2J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da5f2e0171a16f0bd5536864068be964_JaffaCakes118

Files

da5f2e0171a16f0bd5536864068be964_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

api
ִ��DOS��2

Sections

.text
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ