39c970985f0e9769176bdedd4d647438_JaffaCakes118 | Triage

Sharing

General

Target

39c970985f0e9769176bdedd4d647438_JaffaCakes118
Size

14KB
MD5

39c970985f0e9769176bdedd4d647438
SHA1

cac066e4e21be547e9ff4825dfc0fd5e2a13fba3
SHA256

f3747447510e9f41d62e84723c1f345ef785152a7e2562bc621982eb0c425e5b
SHA512

e870147c6a65803fffd8b44e9553c7fbd587ca20c8a0f9ea7950098eb924233fe1432a11c3f5b45e5d88570d6e8c09e3be7f012f16a93cf29ea71c2228462b8c
SSDEEP

192:I6kiiLJuhNoFxlQDiClNqqMsO9WXUbbrIeQy/USF+b++bxwo9D27zwKFOOZBjSO:nkiVhNgxlR2p9yVQyR+S+two9qz/ECF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c970985f0e9769176bdedd4d647438_JaffaCakes118

Files

39c970985f0e9769176bdedd4d647438_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ddae9216dcdd05b0cac69a15bca38be6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
WriteFile
LockResource
LoadResource
SizeofResource
CreateProcessA
GetFileAttributesA
CreateDirectoryA
GetTempPathA
GetSystemDirectoryA
GetCurrentDirectoryA
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
FindResourceA
MapViewOfFile
HeapAlloc
GetProcessHeap

advapi32

RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllMainPoint

Sections

.text
Size: 1008B - Virtual size: 996B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 784B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 16B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ