dc59225f3ece328e98307d68a54536a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc59225f3ece328e98307d68a54536a7_JaffaCakes118
Size

40KB
MD5

dc59225f3ece328e98307d68a54536a7
SHA1

ee4f6374b1a4415fb08181e62e7a622adeb2da75
SHA256

e3a5c3acb8557ff7733f2cc5935514d1a28f32c4ad620cb8d6d509cdbf8f219a
SHA512

53d9736117a9f4c51a4897253708b9d3bdd7527eaa67108d6db4423b6383c2bff28692ad59204acca601c0c42b3ba0203e950c6b9a41c0c82483671a7c145ab2
SSDEEP

768:1Ahyq/kSGlgoVlwozMOAF0bPhCsGSS9b/sIW1670bZvG+OgL5fL98ATuOeWHaQ7Q:+h+kMFztAF0jhBGN9b/PWdZvLxL9L98X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc59225f3ece328e98307d68a54536a7_JaffaCakes118

Files

dc59225f3ece328e98307d68a54536a7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

cda3acdf88dc8dff2178bb577a757cd2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

RegCloseKey

Exports

Exports

UPSCancelWait
UPSGetState
UPSInit
UPSStop
UPSTurnOff
UPSWaitForStateChange

Sections

.MPRESS1
Size: 35KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE