f70c18341ee2bb924de14c265172257d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f70c18341ee2bb924de14c265172257d_JaffaCakes118
Size

293KB
MD5

f70c18341ee2bb924de14c265172257d
SHA1

4845fe62fdbb0a2321d3497eab9cd84d0ac5f260
SHA256

2496f84ea0c9001ecdce5074bfa80179082bb55df0095a3b90b0506c1a2f6d28
SHA512

720c918670db7c796b5ae86b8357404943c77d5c3b05e44ba96efcca4d2b5e03f5c083eb637268086736237bba5c832fecc15fd7f7e5381cb9743383ee8d4046
SSDEEP

6144:49t6b+hHrLHZRfBrf3ym9ETRILXW6cKn2vrIerPam2Lzhq:4/6bqHrjBGm9ETRsXW6RNSPamezg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f70c18341ee2bb924de14c265172257d_JaffaCakes118

Files

f70c18341ee2bb924de14c265172257d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2c64765514f864d3711fb576b98fa9d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharToOemA

advapi32

RegQueryValueA

Exports

Exports

cmofclt
kvxfqkgevc
lc

Sections

.text
Size: 287KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE