163c14497828b1b93e1926873914a0c7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

163c14497828b1b93e1926873914a0c7_JaffaCakes118
Size

210KB
MD5

163c14497828b1b93e1926873914a0c7
SHA1

d09c00175edf6002303b28c9c40f0dff9271cf0e
SHA256

71076c42a1b33981b9d8fd5d865154cec223a9dacb21cfec12e9e68823e4d32d
SHA512

935348e73c5aa7b6edaf7d07c385de4a8ca56cb6a6070c289f84a7861b804804daafb8eed7573aa857bfac9f84df3d91a7140722bd632f9d832447d73258f816
SSDEEP

3072:5625/dCTYp78g3KOxchHXLLUYOAA4jZBdYgY2epfB04+nnH:066OjAA4XdYgSpfB04+H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
163c14497828b1b93e1926873914a0c7_JaffaCakes118

Files

163c14497828b1b93e1926873914a0c7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3c290133e6ebf9207ee785f8308f1159

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc

user32

wsprintfW

ole32

CoCreateInstance
CoTaskMemFree

Exports

Exports

ClearUserAssociations
QueryAppIsDefault
QueryAppIsDefaultAll
QueryCurrentDefault
SetAppAsDefault
SetAppAsDefaultAll

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ