3f2595ea11ec3a2049221887f041c182_JaffaCakes118 | Triage

Sharing

General

Target

3f2595ea11ec3a2049221887f041c182_JaffaCakes118
Size

36KB
MD5

3f2595ea11ec3a2049221887f041c182
SHA1

baa93583cf259e4c7c88ffe78406a1ee20e77870
SHA256

74f8de7c8f6f54e7d41d0013cfcc9a900b3ba08d4acdd6a5d2b5a0ed9baf19c4
SHA512

171842f7decf1df15f15703f46d567ade3cef7a598a4554d69c8855a0bcd20e5b39de0b00a97ac598f1b70a20699580bedd3ef190aa4a453c2fad307728d126d
SSDEEP

768:i/7sLGhAGgxys86J6mKRiFO1unNhCLzr:i/7sihAGgxys86omgiYuhCLzr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f2595ea11ec3a2049221887f041c182_JaffaCakes118

Files

3f2595ea11ec3a2049221887f041c182_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

adeba9f818f7e1770b5dd9c4db8e1f03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetVersion
OutputDebugStringA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetSystemDefaultLangID
LoadLibraryA
SetLastError
GetProcAddress
GetLastError
LoadLibraryW

user32

MessageBoxA
SendDlgItemMessageA
GetDesktopWindow
GetWindowRect
SetForegroundWindow
SetWindowPos
GetClientRect
FillRect
EndDialog
LoadStringA
SetPropA
GetPropA
DialogBoxParamA

gdi32

CreateSolidBrush
SetBkMode
DeleteObject

shell32

ShellExecuteA

shlwapi

SHGetValueA

msvcrt

_initterm
free
__CxxFrameHandler
_except_handler3
??3@YAXPAX@Z
malloc
_adjust_fdiv

Exports

Exports

DllRegisterServer
DllUnregisterServer
TWControl
TWInit

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ