11dd86d6c5e985656d3aaea3b5985a04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11dd86d6c5e985656d3aaea3b5985a04_JaffaCakes118
Size

83KB
MD5

11dd86d6c5e985656d3aaea3b5985a04
SHA1

83c0d8f49786a1e82bb5b5a55ab80ab435cf4b17
SHA256

716a6b569d1beeb8b3e305d1db6f53715db141314f6d208469673a7ce08f968f
SHA512

1554cbfbb167e8519af81281a22940440e9bd1a5b1c3f62d6ca507f3de28d27c26819d8aca6b66154c54977e95921f7e664aaf040eeb347cf77d71edc6a07265
SSDEEP

1536:4odnEQIruHAVTLi3y23JsJDkhVbEz2AUCI2OqrsHDaq0bgQ76fZ0:tREQSugBLkhCDkhV4yAU0reDat762

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11dd86d6c5e985656d3aaea3b5985a04_JaffaCakes118

Files

11dd86d6c5e985656d3aaea3b5985a04_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1ef5d709feee3500bd5f4f38f722d7f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
IsDebuggerPresent
MultiByteToWideChar
RtlUnwind
SearchPathA
SetLastError
SetUnhandledExceptionFilter
WriteFile
lstrcpynA

user32

TranslateMessage
MoveWindow
LoadStringA
GetSysColor
GetDesktopWindow
FindWindowA
DrawFrameControl
CreatePopupMenu
wsprintfA

ole32

CoCreateInstance
CoGetMalloc
StringFromGUID2
CreateAntiMoniker
CoCreateGuid

advapi32

OpenSCManagerW
ReportEventA
RegCreateKeyA
GetSecurityDescriptorRMControl

shfolder

SHGetFolderPathA

Sections

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ