557aea9b4592f54d5a58ee9aff91626a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

557aea9b4592f54d5a58ee9aff91626a_JaffaCakes118
Size

84KB
MD5

557aea9b4592f54d5a58ee9aff91626a
SHA1

e7cff931086453493d41defc05edc1c5db10d386
SHA256

a36562b55a9f8dd4885fada01ae01a2b17226f1623b4322851bad31cb8843bc9
SHA512

f0d2df182238e7e8abdb73fa5d610da96be7f0cea627e2a6ebd056477bce6e54c4449280d381d762ec854a2b13ac7b3d264aafde363b10d2a7967ca5f3d8decc
SSDEEP

1536:Fg5QKrUHcVtyiKnSZzP/pRaDIAMpoC6Erftem+gkmM:FgGmV0iRlxAMpFFtu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
557aea9b4592f54d5a58ee9aff91626a_JaffaCakes118

Files

557aea9b4592f54d5a58ee9aff91626a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e921e41da9b03483d47fa1893c6285bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleInformation
GetCalendarInfoW
LockResource
SetTimeZoneInformation
MultiByteToWideChar
SetCurrentDirectoryW
FindNextVolumeW
CreateToolhelp32Snapshot
LoadLibraryA
PurgeComm
GetProcAddress

shlwapi

StrChrA
PathStripPathW
SHDeleteKeyW

advapi32

SetThreadToken
EnumServicesStatusExW

Exports

Exports

tapiAuthenticationdrm

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 683B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ