12c94f86a9258a4e851b8f286f864c98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12c94f86a9258a4e851b8f286f864c98_JaffaCakes118
Size

4KB
MD5

12c94f86a9258a4e851b8f286f864c98
SHA1

8520468c9f5de66edbed21be309712a9ceaa4db7
SHA256

c0b7162e34823909583cfc499f259051c56707b2a082e5d1e7ff5e7db8678c1c
SHA512

fce91ee92064ed3b79a5dc211237026af3b9d84fab21aa919aca23a7b06ba8f8a43d6cb301d88b88d2a69c1a34cdb54928d47a8f20d1450e4d4f260f1fa7f11b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12c94f86a9258a4e851b8f286f864c98_JaffaCakes118

Files

12c94f86a9258a4e851b8f286f864c98_JaffaCakes118
.dll windows:5 windows x64 arch:x64

4ea10ef319c9a1302e1e7b245dc67bbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

ntdll

memset

advapi32

RegOpenKeyA

Sections

.MPRESS1
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE