08fdc7908e8ea22c167780398061f83a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08fdc7908e8ea22c167780398061f83a_JaffaCakes118
Size

22KB
MD5

08fdc7908e8ea22c167780398061f83a
SHA1

11c14116c860168939cd27cd2d3dc4ecf2b742c2
SHA256

041e0655414358ab1030cb02d234cef8bce4313a80649418e969dd3ea4ce8369
SHA512

c9e57794aa7945554dd9f1b771f15846986190dedc60c6ef3dc7b29071e7df767c5cdbcf626138a9e6d1ee53530f77c5379652f48169c025baf857472af29c7d
SSDEEP

384:7iIDp7aKgv3qbW8KzLTdaHF/poBqQEbHAc5FmttE9Bt5Kfc6AQbrrqwqc:7iZR3qa8SalOBp+gcTm23Q21c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08fdc7908e8ea22c167780398061f83a_JaffaCakes118

Files

08fdc7908e8ea22c167780398061f83a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9c0432e1910a7f6b5d39ec1826872d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcessHeap
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
Sleep

Exports

Exports

Control
DllRegisterServer
FreeBuffer
Release
Start
StartW

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ