8e2682fa11c9592fb7cfd048d02b93ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e2682fa11c9592fb7cfd048d02b93ec_JaffaCakes118
Size

295KB
MD5

8e2682fa11c9592fb7cfd048d02b93ec
SHA1

70d1d672edacf76c88d8a665a0a758202685adde
SHA256

184d7e10e57e3d6d8a1db78f866d4debc067c1104689f53379dfbc24929192ad
SHA512

6c865572b34a3bde1b5fd983250a32bdd37e1d7b5fa6e0cb93d4de2fd7b4e35d378ce1c7fa8a2a7e9be3ed98093261705901b1d322076ada95e3c41e60c6e452
SSDEEP

3072:xmkpmZS5cr2XdDh/voxIxl44cOjMwSSyTKMMiU1m9:z5DDZAqlJjZSHTKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e2682fa11c9592fb7cfd048d02b93ec_JaffaCakes118

Files

8e2682fa11c9592fb7cfd048d02b93ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ccfbf68d3dbbf873122532bdd9d17cc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

CloseServiceHandle
CreateServiceA
DeleteService
InitializeSecurityDescriptor
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
AdjustTokenPrivileges

ole32

CoCreateGuid
CLSIDFromProgID
CoRegisterClassObject
CoTaskMemAlloc
CreateDataAdviseHolder
OleGetClipboard
OleSetClipboard
ProgIDFromCLSID
RegisterDragDrop
WriteClassStm
CoGetClassObject

kernel32

lstrcatA
UnmapViewOfFile
SetEndOfFile
LeaveCriticalSection
GetStartupInfoA
FlushFileBuffers

Exports

Exports

Gsx
Hid
Nvf
Pcw
Shi
Sws
Viz
Wqw
Ydo
Ylv

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 173KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ