2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118
Size

85KB
MD5

2da265d472d27d94b49491f42bbdc5bc
SHA1

e66ea479a94d23a427da9afe849a8bba138f1eea
SHA256

bbe80b69878d8bf73b861eb808111d921a994843dfb682225d1c26374873a7ae
SHA512

53135e27f917f93d0b1e000dbe991063aa8f83584d8a19c2d7459fdd356f4eef3b38775bf3458f36a4409ae6ea7b90a758f7e49f71bc48326092e5cf0fc0aef8
SSDEEP

1536:v3eDNcyJHPapZhJsPwHWys3T5KigiBWLbyyOR4l3L1LE4:v3ONJHCpi4CDYriciyJlb1Ln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118

Files

2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b66ce8d837236f27ca01f8fc84c4b7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

shell32

ShellExecuteA

wininet

InternetSetOptionA

Exports

Exports

CPlApplet

Sections

.text
Size: 79KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE