4b8b0e6cd0d09f2ae4ca1c6f36b63081_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b8b0e6cd0d09f2ae4ca1c6f36b63081_JaffaCakes118
Size

84KB
MD5

4b8b0e6cd0d09f2ae4ca1c6f36b63081
SHA1

7547eb0bb74fb541fdabe3e5b8dc434043be0e13
SHA256

baf483fb9a80a6c60f21cd7995413ade1b78f00a21f1ce358a8624c09d5ff162
SHA512

8c0e191e620c4c504ac899a47e4b19705332eb773a65a233be951c01fd60d981e6da79a4924cd77dbabd7f84bf7e46de50d61237a03a696e6eeb9629a5664feb
SSDEEP

1536:wJR9kVpCoErM0fW3vDmHNXpmrIhTVD05PfxjQ3lsLXAO/B:k9k2oErM0fWaHZpySRaZjOlsLLB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b8b0e6cd0d09f2ae4ca1c6f36b63081_JaffaCakes118

Files

4b8b0e6cd0d09f2ae4ca1c6f36b63081_JaffaCakes118
.dll windows:4 windows x86 arch:x86

996d79cfe8a78e4f9128a6083bc2f9ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadStringPtrA
GlobalGetAtomNameW
GetThreadTimes
HeapCreate
GetFileType
GetLogicalDriveStringsW
IsValidCodePage
GetDefaultCommConfigW
CancelIo
MoveFileA
LoadLibraryA
LockFile
GetProcAddress

ole32

CoFreeUnusedLibrariesEx
ReadFmtUserTypeStg
CreatePointerMoniker
RevokeDragDrop

user32

GetParent
GetDC
CreateDialogParamA
GetFocus
WindowFromDC
SetRect
CreateWindowExA
DestroyAcceleratorTable
IntersectRect

advapi32

RegReplaceKeyW
OpenSCManagerA
StartServiceCtrlDispatcherA
EnumServicesStatusExW
SaferCreateLevel
OpenEventLogA

shell32

ShellExecuteExA
SHGetFolderPathAndSubDirW

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ