ff4c0c7caf73604e73c597471c32287c_JaffaCakes118 | Triage

Sharing

General

Target

ff4c0c7caf73604e73c597471c32287c_JaffaCakes118
Size

33KB
MD5

ff4c0c7caf73604e73c597471c32287c
SHA1

2cc65446104702ced46260e7a2b5e2ece9efeb2d
SHA256

fdc88cecfa4444ef132d58627cb3ae72a1675e3ab80de4c02d64a33d41e0b828
SHA512

d7576f0fd5f0cf8774c1b8ad2cfbf60ecbcdcae2f78069349f440c369b1e0ce8beba697ce22565f95ab62575d03ef007e950c5bad3643e6731b06bcf1ee26a47
SSDEEP

768:4fhq3edb4TLM5CoJtVqRFv538xFLkGToDOsPHXpF2esldbXW5A3PK7D:4fhkwEc5CFv5M/LDToDhPHXpwesC5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff4c0c7caf73604e73c597471c32287c_JaffaCakes118

Files

ff4c0c7caf73604e73c597471c32287c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9b9812a61c7ee97fcf82eeaf281e2b73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

version

VerQueryValueA

user32

wsprintfA

advapi32

RegCloseKey

Exports

Exports

QTENTRY

Sections

.MPRESS1
Size: 29KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE