28fb3f243ca449dc1216ee3268c1cea7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28fb3f243ca449dc1216ee3268c1cea7_JaffaCakes118
Size

84KB
MD5

28fb3f243ca449dc1216ee3268c1cea7
SHA1

b8152ccccfcaa932bb347423d70c7188dc4154ae
SHA256

000cf8518478f13d4a697a3208d68bb07b44cb897b855367b49f93e043083c47
SHA512

4db389cad538f3f15f5df1da84e357879791302a159e0e7d12b21c0afbeae887df9134d5f5d35bc2f8168663846a33c1f231e1bfd2f2162cec4bba92e4a6bc80
SSDEEP

1536:iKxwT7lIxpLbjornB1sjKIqvcf0zm5+EnkHPZTKDLKQE:idT7lyeB6dqUszm5whTKDLKQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28fb3f243ca449dc1216ee3268c1cea7_JaffaCakes118

Files

28fb3f243ca449dc1216ee3268c1cea7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

60d435fec53016113c8ddb579818d9ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetAtomNameA
SetEndOfFile
GetTempPathA
WaitForMultipleObjects
ActivateActCtx
GetWindowsDirectoryW
LockResource
QueueUserWorkItem
CreateNamedPipeW
GetLongPathNameW
GetProcAddress
SetErrorMode
LoadLibraryA

gdi32

GetTextExtentExPointW
PolylineTo
ArcTo
GetGlyphOutlineA
EnumFontFamiliesA
OffsetViewportOrgEx
ExtFloodFill
CreateFontA
RemoveFontResourceA
SetTextAlign

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 775B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ