bf31164a5deaee1cac41ac616c681fff_JaffaCakes118 | Triage

Sharing

General

Target

bf31164a5deaee1cac41ac616c681fff_JaffaCakes118
Size

184KB
MD5

bf31164a5deaee1cac41ac616c681fff
SHA1

8a1834ea5caf714f8a908e365cf64ba6f28fad95
SHA256

31a1e7f5ea357885fd7c9e624ead84802c3e6cc06b4b68dcf68e03ed4f308f6a
SHA512

e09591fd5efce81bf9a564e7b17bccb0d4a4cbdd4e8d9fa1cc7dd3deb616c337948b11f7ff57b7fd632c32ef94a13471adbec1bc4aad6354fb864e9f42e02627
SSDEEP

3072:Xb51A6VG71Eq55xw1jgDlO1poE2rm4coM+cxJdfhRlmg5e:Xb7tghEq3xw1j4kpP2rmLffxvfhRlme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf31164a5deaee1cac41ac616c681fff_JaffaCakes118

Files

bf31164a5deaee1cac41ac616c681fff_JaffaCakes118
.dll windows:5 windows x86 arch:x86

8742cdbb7107c49bd94093e149d7e0d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetFontData

user32

ShowOwnedPopups

advapi32

RegOverridePredefKey
RegisterEventSourceW

kernel32

GetModuleHandleW
GetModuleFileNameA
LoadLibraryExA

msvcrt

memset

oleaut32

VarBstrFromDec

Exports

Exports

FWroeeWqoinnmw

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ