bbce07744ca951289166b8487e8411ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbce07744ca951289166b8487e8411ff_JaffaCakes118
Size

84KB
MD5

bbce07744ca951289166b8487e8411ff
SHA1

d696a0da66302b291d9ba06169ed0cab994f9c38
SHA256

ae5f9cd158b0330dfa4c6c1c0b8add7c277c6e7cac8203c86e5e1e353e8ff312
SHA512

849bed43e952becd792c036401978e5605ed739e1ebde54c35ccfd1122e20e312577c2cb3f31d36f07296d90e2bb34b0f7d34e18e92f6acdc7f8777318bd677d
SSDEEP

1536:du3H5SkrOt5IQMIjDFaNIBd8xgmZMMk5Hs0I0T:KHVIIJNI2g0q5HsL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbce07744ca951289166b8487e8411ff_JaffaCakes118

Files

bbce07744ca951289166b8487e8411ff_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d36375bc85809fffff23356847a0cf13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFlags
IsDBCSLeadByteEx
SetEndOfFile
GetProcAddress
LoadLibraryA
InitializeCriticalSection

user32

GetAsyncKeyState
ShowWindow
GetSubMenu
GetScrollInfo
OffsetRect
SetCursor
DrawTextA
GetMenuDefaultItem
GetSysColor

shlwapi

wnsprintfW
PathStripToRootW
StrRChrW
PathFileExistsW

advapi32

SaferSetLevelInformation
ElfReportEventW

gdi32

CombineRgn
GetStretchBltMode
SetAbortProc
Pie
StartDocW
SetTextColor
GetWindowExtEx
SetRectRgn

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1019B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ