3e49c6062af7e8478fa3806301f760b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e49c6062af7e8478fa3806301f760b8_JaffaCakes118
Size

162KB
MD5

3e49c6062af7e8478fa3806301f760b8
SHA1

c4719583ebaca0a14258d7651e682ab2ecd60061
SHA256

cb79032718cf1aa585084fa3fbaf7f75e65574266d344698c11236f5b825c565
SHA512

8e6c74b10cf426df3adcabdb09680c6f3e39d594456f90a8450dd7de207ac8efe67008561867d27ab7e6696c28dcd3d4fc0d9bb4ef5d1e8d9ff273c197cc3f44
SSDEEP

3072:8VW050CDERmrEvth5JNUpG5ofTjfgTSgXpOz2sRPwiW2ijxkgAD6kj5:8/50CDZKfPgfTT8Sra+JWPjpADl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e49c6062af7e8478fa3806301f760b8_JaffaCakes118

Files

3e49c6062af7e8478fa3806301f760b8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a629ebd86684de4ffe04ea84d8aa10ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
FatalAppExitA
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetSystemInfo
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
InterlockedExchange
LoadLibraryA
MultiByteToWideChar
OpenProcess
ResetEvent
RtlUnwind
SetEndOfFile
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
TerminateProcess

user32

IsIconic
EndDeferWindowPos
SetClassLongA
SetUserObjectSecurity
SetCapture
GetScrollInfo
DrawEdge

comdlg32

PageSetupDlgA

Exports

Exports

W32N_OpenProtocolDriver

Sections

.text
Size: 101KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ