0490c2beb174dc0c235587de19527ee7_JaffaCakes118 | Triage

Sharing

General

Target

0490c2beb174dc0c235587de19527ee7_JaffaCakes118
Size

84KB
MD5

0490c2beb174dc0c235587de19527ee7
SHA1

77a63c87417882d04f564565c857f2c392e8dc85
SHA256

efae29533f44abd170e272b8c401db668200d9a27017345fa27c8366728b6dc8
SHA512

408ed5fa037d7847b9f5528030aeb7a10f17e634cf83571bea1a56d97c015f06fdc5d46f0eb7199c27f47be69a4cd6389170bc3b5add43f033e0eaa1e5fba596
SSDEEP

1536:BArTZBvmcabIbPJHXy7NDyXJ6dGmFeBblcCatx25:4T/uP0HsD4EeLcvxW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0490c2beb174dc0c235587de19527ee7_JaffaCakes118

Files

0490c2beb174dc0c235587de19527ee7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3a966ff32567a49d18f668ef3d331cab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
ChangeTimerQueueTimer
GetVolumePathNamesForVolumeNameW
LocalUnlock
FindFirstFileExW
FreeEnvironmentStringsW
SetNamedPipeHandleState

user32

InvalidateRgn
MapVirtualKeyW
ChildWindowFromPointEx
SystemParametersInfoW
DefFrameProcW
InsertMenuA

shlwapi

PathFindFileNameW
PathUnquoteSpacesW
StrChrIW
wnsprintfW
PathFindFileNameA

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 825B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ