05d6f9e2ea761968dd81db4688a5cd9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05d6f9e2ea761968dd81db4688a5cd9a_JaffaCakes118
Size

30KB
MD5

05d6f9e2ea761968dd81db4688a5cd9a
SHA1

94c50640b5a804bd0d2821132d284e16ea2ff676
SHA256

63e01f49fecd94911f346a1cd5ddab37041aff9447fe2f8b2a8d0618d7866517
SHA512

33080f9b011385eb41505eb00baf4cd7a5f7f7a3cb6ac1756515fd1ef3551bbf0d66ef804ff04c2d6c4db52a1f43bb1a002053832e5a0fd4491d6f50e58ddc32
SSDEEP

384:lg+/cwX97MqEXHLvRwGoii2pIEU4PtXm0ZcpxoEesO+qnPlHqR:xkwZMHrvRwKi2aERhDEI+qN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05d6f9e2ea761968dd81db4688a5cd9a_JaffaCakes118

Files

05d6f9e2ea761968dd81db4688a5cd9a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ab3b8533a19e0e29d2d84b87222ffc88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
GetProcAddress

advapi32

RegOpenKeyExW
RegOpenKeyA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dc
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ