3dda2bf50a0337aff9cc9c74fc873f46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dda2bf50a0337aff9cc9c74fc873f46_JaffaCakes118
Size

84KB
MD5

3dda2bf50a0337aff9cc9c74fc873f46
SHA1

d76ce2aa28fcef1e5892dd52f3ba575da94a1e9b
SHA256

3386e89b0fab2fcf2b5f5568ff16e60989e5aa78e7fcca16a34639561c55e223
SHA512

3b8c71e34d4a76a17aa5e0f8bb73db1cb9f63b9b1e18ba425e7e26bd4fabb7b42e54c1e914ec100a3601885d928dcfca3b8441e08085f93d09b7af2927b82f0f
SSDEEP

1536:GHjM5r5av7rLGAJd+85ZCjDx5xSX4OmC2kOPaxjX:jp49z5ZCfHxVOmC2kOCxj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dda2bf50a0337aff9cc9c74fc873f46_JaffaCakes118

Files

3dda2bf50a0337aff9cc9c74fc873f46_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cda64fd0e44fee9f47ad9e241d206f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalUnlock
GetLocalTime
InitializeCriticalSection
BeginUpdateResourceA
GetStringTypeW
GetTempFileNameW
GetProcAddress
GetCPInfo
LoadLibraryA

user32

WindowFromDC
MsgWaitForMultipleObjectsEx
GetDlgItemTextA
RegisterHotKey
DestroyCursor
OpenWindowStationA
AppendMenuW
OffsetRect

shlwapi

StrChrW
StrCatBuffW
PathStripToRootW

advapi32

OpenServiceA
RegLoadKeyA

Exports

Exports

CRLMousedrv

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ