a2dd98f6dc9eeffe5dea12beee8914df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2dd98f6dc9eeffe5dea12beee8914df_JaffaCakes118
Size

868KB
MD5

a2dd98f6dc9eeffe5dea12beee8914df
SHA1

d72ca20010dec0b9b6281b8ff7f338722586688d
SHA256

2ee68a7927caaccb354364b4c634bc91869eaf7fae778e84770c3795b389b192
SHA512

c659718ecb1c38c29f0fa56c92db494374bd27dc668f71af904501801e3ac7446243b41bd80fdb551d8cc0151521f03ff1ec2d4822c2c019dcd312e4ecf63b6c
SSDEEP

24576:8CR8osW/Y2Bfaox6ZSwgvfqnp6myRv7tY9IYR:8Kv/t1H6Zrg6p6myRv7tY9IYR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2dd98f6dc9eeffe5dea12beee8914df_JaffaCakes118

Files

a2dd98f6dc9eeffe5dea12beee8914df_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ad02a65102adf5e712bbf46f6299f678

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

winmm

sndPlaySoundA

Exports

Exports

DllRegisterServe
DllUnregisterServe

Sections

CODE
Size: 857KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE