dfc81b35e01c206a79621a87e49fca1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfc81b35e01c206a79621a87e49fca1c_JaffaCakes118
Size

84KB
MD5

dfc81b35e01c206a79621a87e49fca1c
SHA1

0d1f8373bbdc33af83286b41357c61ccfa5ecad4
SHA256

6c454e464955aa8944af19875a84ec4ec407c49ede9e700f9738fc992cb57350
SHA512

991446e764eb0105d9a363ce4abef83993545efc7ac6ab0b5e25310f672d0d417d0406919fb3d5da0c698455106148dee0de647c43c4565594a1a6600f2d8e4e
SSDEEP

1536:o9H49FCgC4Ca60zgSfb/J2aTGxE2BELjvi12KW5BVmbcmgnz:o96CX4i0ECb/J7TGxE2qHq2Kobw1a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfc81b35e01c206a79621a87e49fca1c_JaffaCakes118

Files

dfc81b35e01c206a79621a87e49fca1c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

054b340735b4fcf496f72d3d953ef921

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCompact
CreateFileW
VerLanguageNameW
FileTimeToLocalFileTime
CreateActCtxW
LoadLibraryA
BindIoCompletionCallback
QueueUserAPC
GetProcAddress

ole32

CoImpersonateClient

user32

GetMessageExtraInfo
SetWindowTextA
MapVirtualKeyExW
GetMenuCheckMarkDimensions
LoadBitmapW
GetScrollPos

shlwapi

SHRegGetUSValueW
StrFormatByteSizeW
StrStrA
PathSetDlgItemPathW

advapi32

NotifyChangeEventLog
StartServiceW
InitiateSystemShutdownW
GetAclInformation

gdi32

FillPath
SetBitmapBits
GetPaletteEntries
CopyEnhMetaFileA
SetGraphicsMode
CreatePenIndirect
UnrealizeObject
EnumFontsA

Exports

Exports

NativenetServ

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ