3fd6ff309eb30f6559620801b85093ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fd6ff309eb30f6559620801b85093ff_JaffaCakes118
Size

1.7MB
MD5

3fd6ff309eb30f6559620801b85093ff
SHA1

152576e523af7b1b19ce2189b41f8a37b9c991f2
SHA256

630bddb9e4f8acef519212c0cfc4163b47dee16d4a496d28b98ba5492dba71c4
SHA512

e0467ae4baff5803cf3f4b684617532e1f14de6a33db1ef4ed52388272c76bd8748d93dcd62a6d3aacb948e91832edbdbee96acf4855db9906a04ca55a112934
SSDEEP

49152:BAKC74bu1q3ecfRDa3HpNRhfsu9Jecm8QHnm6+m:BAiK1uzo3HpniyJecm8QGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd6ff309eb30f6559620801b85093ff_JaffaCakes118

Files

3fd6ff309eb30f6559620801b85093ff_JaffaCakes118
.dll windows:5 windows x86 arch:x86

71cc98c6696fa1108838f73ec3c1e3a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceTypesW
RtlMoveMemory
GetDateFormatA
LoadLibraryA
GetEnvironmentVariableA
CreateFiberEx
GetProcAddress

user32

GetMenuState
CallMsgFilter
TrackPopupMenuEx

gdi32

CreateCompatibleDC

Exports

Exports

jqzbvcjffsbdwc
nwoxrewgmp
qpwdbxjio

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ