c8ec2aee1e6b3b1aa46f5c6dcf9c7110_JaffaCakes118 | Triage

Sharing

General

Target

c8ec2aee1e6b3b1aa46f5c6dcf9c7110_JaffaCakes118
Size

320KB
MD5

c8ec2aee1e6b3b1aa46f5c6dcf9c7110
SHA1

3edc2c3cbd1cd08b5e34b21433e5658e81f99f0d
SHA256

11d6703c422ba5ff6cbc0f40c5099a283dfd70fed43d1265366a4919201c6ce0
SHA512

bcf3539eb041f0549e8ef569b497182b69f514defecca161bbc9c67c54cfb3f2a72a84a86c695a2187924b45851c72fc86b30e9a9c0b317f10c336263e53837d
SSDEEP

6144:OaM65wVpzY9WKgRP2Ba6k0UwLBlZtR7ynoOyzzR42eAgA:OffY0P2BfxjhOQe67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8ec2aee1e6b3b1aa46f5c6dcf9c7110_JaffaCakes118

Files

c8ec2aee1e6b3b1aa46f5c6dcf9c7110_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2ba9fdebd2889a2f1b35f1c626ccd0ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetFocus

rasapi32

RasEnumAutodialAddressesW

oleaut32

GetRecordInfoFromGuids

advapi32

RegCloseKey

kernel32

GetModuleHandleA
LoadLibraryW
GetModuleHandleW

Sections

.rdata0
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Rdata
Size: 4KB - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt2
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ