3ac73136efbda8005ef495fa0d2a390a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ac73136efbda8005ef495fa0d2a390a_JaffaCakes118
Size

84KB
MD5

3ac73136efbda8005ef495fa0d2a390a
SHA1

c4bf9f2072fc9a38814f1031f34108b6069d7ac6
SHA256

9c253ae1e68b14f763475b16b67c54e0d8eafeae579f657b4aa8babc515964f1
SHA512

8dbf1cb722829f83ce4660665a55da3e7fb14085cbe9fe03611635c61db493a82aa47607e413d6fe14b2df90d387953c4a2e619a19392b27bcb71b20df7dd9dd
SSDEEP

1536:NbRJGiju7fR/7dBu5/d72V6HpBIU8Cz79djzmP:N3GiuzLQ/CU82HjzmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac73136efbda8005ef495fa0d2a390a_JaffaCakes118

Files

3ac73136efbda8005ef495fa0d2a390a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7cf0d1bd69f90b4b6458ecab90492bf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeThread
DeviceIoControl
SetFileApisToOEM
GetDiskFreeSpaceExW
RtlMoveMemory
GetProcAddress
GetStringTypeA
CreateMailslotW
GlobalHandle
LoadLibraryA

user32

LookupIconIdFromDirectory
GetActiveWindow
GetScrollRange
SetMenuItemInfoW
OpenWindowStationA
SetScrollPos
CloseDesktop

advapi32

RegConnectRegistryA

gdi32

CreateDCA
BitBlt
SetROP2
ArcTo
SetBitmapBits
GetOutlineTextMetricsA

Exports

Exports

AgereCommsmon

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 877B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ