1381d29a2a7813dce46d209fca326ace_JaffaCakes118 | Triage

Sharing

General

Target

1381d29a2a7813dce46d209fca326ace_JaffaCakes118
Size

184KB
MD5

1381d29a2a7813dce46d209fca326ace
SHA1

9e0daf0d291607b579c4e5454dfa043897154233
SHA256

325fdd0892e441fd7524b98fdb12c7a788e46e6fba29c188d38e897460d86afe
SHA512

bd2acfa081387242c4ebea8e678ee1f0fbc67db6dd5066b77bc039d49cf71edcda1211ab9507a613d6cc681ab158272a8c5a1d121ace235f1864ab5b2f62f460
SSDEEP

3072:BoPiHI0b3EcyGgkwMBk7aZcRtEwMn4q1jGohwHHSjyDmIY:BoP6I0FgkwMWNYKb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1381d29a2a7813dce46d209fca326ace_JaffaCakes118

Files

1381d29a2a7813dce46d209fca326ace_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1164f215ee306a8309de0f5f9b374fef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowOwnedPopups

advapi32

RegOverridePredefKey
RegisterEventSourceW

gdi32

GetFontData

kernel32

GetModuleFileNameA
GetModuleHandleW
LoadLibraryExA

msvcrt

memset

oleaut32

VarBstrFromDec

Exports

Exports

FWroeeWqoinnmw

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ