130898f3e997aa4b0966a0dc418c6add_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

130898f3e997aa4b0966a0dc418c6add_JaffaCakes118
Size

381KB
MD5

130898f3e997aa4b0966a0dc418c6add
SHA1

e8a5e497d841708af54070f4c5b14f2ed92b3135
SHA256

02bd6177832fc43487f3b75471519a22dff21923f2741e6f8dd1f6c73ca5af7f
SHA512

7b26dcab13af1f41c22e3875c41c0a27a98fef24e505865378dbf9519b152fb7bac9e7198667d83ee3b23e5d1664e6515623053e4966143ecf323e110a6ecd01
SSDEEP

6144:tfgDKwx3zGY0DmVUWg6wGpP9mbTWVBK2OYUdU49Gh4q1aBqveT9WS/kRYtknw2F:tCvVzGBD+9QukbqVBK2OYUdU49a4KZeY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
130898f3e997aa4b0966a0dc418c6add_JaffaCakes118

Files

130898f3e997aa4b0966a0dc418c6add_JaffaCakes118
.dll windows:4 windows x86 arch:x86

17f5bd48e7bfd265cc3a30fc7f2233a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

OpenClipboard

gdi32

CreateRectRgnIndirect

winmm

waveOutReset

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleUninitialize

oleaut32

SysAllocString

comctl32

ImageList_Destroy

ws2_32

ioctlsocket

comdlg32

GetFileTitleA

Exports

Exports

RunDllHostsallBack
_��ӳ��

Sections

.text
Size: 369KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE