4aeafa262b7c1d9806c8a693bead54a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aeafa262b7c1d9806c8a693bead54a2_JaffaCakes118
Size

668KB
MD5

4aeafa262b7c1d9806c8a693bead54a2
SHA1

ed69220e35131d0bbc7da35b6d8b9ccb3cc0cc83
SHA256

573eaa168a853b806f09b44d7d7ec5bfe5739148d97bb944770118e8ada0f06b
SHA512

4fa2bff6fdc1fe0cb2cd3d3cc25d9ef990f6d572a4b1a9def1ab266cca599de0ab193f1bc8e04d71a331e4c0bb093d4fe3b55ac8b97b59cca5e27909e6c1f04b
SSDEEP

12288:k3kxNt2ZhdOXUsZsG8fdPIbBKSUALPU0GcuLbRRnTF563FwrSkwe0adTkvOwWrvM:k3U2Z//sqdwbBlUA3CbrTF561wrSkwfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aeafa262b7c1d9806c8a693bead54a2_JaffaCakes118

Files

4aeafa262b7c1d9806c8a693bead54a2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5f1de901db7bae564575a12150931689

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DestroyMenu
DestroyIcon
DestroyCaret
CreateMDIWindowA
CreateIconFromResourceEx
CreateDesktopA
CloseWindow
ChangeMenuA

kernel32

FreeResource
lstrlenA
lstrcmpA
VirtualAlloc
UnmapViewOfFile
SetLastError
SetEndOfFile
RtlUnwind
OpenFileMappingA
CloseHandle
EnterCriticalSection
EnumResourceLanguagesW
EnumResourceNamesA
ExitProcess
FindResourceA
GetCommandLineA
GetLocalTime
GetSystemTime
GetTimeFormatA
LeaveCriticalSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
InitSecurityInterfaceW
LsaApCallPackage
LsaApCallPackagePassthrough
LsaApCallPackageUntrusted
LsaApInitializePackage
LsaApLogonTerminated
LsaApLogonUser
LsaApLogonUserEx
SpInitialize
c
f
o
s

Sections

.text
Size: 408KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ