038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118
Size

84KB
MD5

038ef12e4f67154c09f3cbe4b190fa58
SHA1

0c5b11ae58de14d43d68385c4bf7d4a09fb3c2a1
SHA256

e93d407dbdc27dc939a2d27b96f93bc1e5e1a59673bde6ed948f71a9c2ff78ee
SHA512

f7d2583d396887539689c9542b8a855a34dbe051533279a4c06bf25448a0b49d7ec5b274c749f6dcf1eea90b140606d04b3009777ee3a4849de0ab29e0b2b8b6
SSDEEP

1536:3y64+Cn5f9ZZuxjK8+HE7DlsOu3JnN0QF1rkp:iOC5f97qj/+HE7DlsZ3Jn1F+p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118

Files

038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118
.dll windows:4 windows x86 arch:x86

334aa21cc3d6f65be040701a500cecf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLocaleInfoW
CreateProcessW
GetLongPathNameW
SetEnvironmentVariableW
PeekNamedPipe
GetProcessAffinityMask
FileTimeToDosDateTime
FlushViewOfFile
DeviceIoControl
GetDiskFreeSpaceW
GlobalGetAtomNameW
DisconnectNamedPipe

user32

DrawTextExA
MapWindowPoints
TranslateAcceleratorW

shell32

ExtractIconA

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 717B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ