Static task
static1
Behavioral task
behavioral1
Sample
452ff55c7aa5b711e00889df51b140b7_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
452ff55c7aa5b711e00889df51b140b7_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
Target
452ff55c7aa5b711e00889df51b140b7_JaffaCakes118
Size
18KB
MD5
452ff55c7aa5b711e00889df51b140b7
SHA1
c353cdd7d544afca40e6c1d4528f45c598ac9c00
SHA256
4bd31631bc60db04cd3a426661f0e2428308670ddfae22b0b37408b995926ec6
SHA512
d49b34e2749b0cdc8e39e9045fadda3af5e29fcff0f9f3bdd56da4271e29516ce34be289c9ed505f3fae5f23d18b8aaf3a2edcc54efb08aa1ddd1db640c276b3
SSDEEP
384:aphp2dGpDqOIjQRMWAOWOEZ5hYBIjUg6VWIczPOL+wNk4YFy1pcEP:abpUGpoERMP9OiYaIEPy+wN4U1p7P
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 452ff55c7aa5b711e00889df51b140b7_JaffaCakes118
Files
452ff55c7aa5b711e00889df51b140b7_JaffaCakes118.dll windows:1 windows x86 arch:x86
6dfb052889c6ed998337005a552398fb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
IsWindowVisible
SendDlgItemMessageW
InflateRect
RegisterClassExW
GetScrollRange
PackDDElParam
GetDC
oleaut32
VarUI2FromR4
VarI1FromR4
VarDecFromUI2
VarI2FromR8
VarDateFromBool
VarUI4FromCy
VarDecCmp
VarUI4FromI4
shell32
RealShellExecuteExW
ExtractIconResInfoA
SheShortenPathW
Shell_NotifyIconW
SHCreateProcessAsUserW
DragAcceptFiles
advapi32
RegNotifyChangeKeyValue
GetSecurityDescriptorGroup
LsaLookupSids
AddAuditAccessAceEx
GetExplicitEntriesFromAclA
LsaLookupNames
RegCreateKeyA
gdi32
PathToRegion
GetTextMetricsA
CreateEnhMetaFileA
Polyline
EudcLoadLinkW
StrokeAndFillPath
TextOutA
Sections
.text Size: 7KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 11KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE