3cb7e011757e513ec80b2f8d9d28d51a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cb7e011757e513ec80b2f8d9d28d51a_JaffaCakes118
Size

1.8MB
MD5

3cb7e011757e513ec80b2f8d9d28d51a
SHA1

17279b856b9fc1f28c5243e41202f4718693f8c0
SHA256

63584a452df489f513598bf6053e2254667f2fc6ce5b8aa6c7912f91aaddf00b
SHA512

7f7e7c5af4cd1ab291a2ad26e1f74a49fb6d2677da5a183b7c80f3958fdeec0ac855de7f452dc38846f5158ba0bee5967a6df6b656d8b3d0347e9955abc8417b
SSDEEP

49152:9Eae6cA/h7UKQpRdH91sX2I1JC/8kAGAuvu:Xbcih7KXds2ITCJAuv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb7e011757e513ec80b2f8d9d28d51a_JaffaCakes118

Files

3cb7e011757e513ec80b2f8d9d28d51a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3ca1962dbd201c813fc2ccb99433947

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

winmm

sndPlaySoundA

wsock32

WSACleanup

netapi32

Netbios

Exports

Exports

DllRegisterServe
DllUnregisterServe

Sections

CODE
Size: 1.8MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE