JaffaCakes118_1ef8c2efbfccbd720e220136da83f47f745bc3e2814bb8d487c1138065467469

General

Target

JaffaCakes118_1ef8c2efbfccbd720e220136da83f47f745bc3e2814bb8d487c1138065467469
Size

32KB
MD5

284d7cb92e3c3f66d4a0dc6328f267f1
SHA1

4540c43e1c04cb83e95e3c0d612c3f0f36c24761
SHA256

1ef8c2efbfccbd720e220136da83f47f745bc3e2814bb8d487c1138065467469
SHA512

e46b6f3f7cee5a68d2d9c9976bf9a961fb85b3cc8df66eae91e096b16b7d7248434510ef21e16b72eee8b56d969934a4f0d7a222cc4147d9fbf0a6eae728ff1a
SSDEEP

768:YKIZlurr4ceggEbsUvuw8kuQ54ISSnsLVsC+XXxoX:476eggxlSsLiCOXyX

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a60c5cc2e8c00dcc490cbfe2c6664357f6784f275accb5e41de6f2b3748bff06

JaffaCakes118_1ef8c2efbfccbd720e220136da83f47f745bc3e2814bb8d487c1138065467469
.zip

Password: infected
a60c5cc2e8c00dcc490cbfe2c6664357f6784f275accb5e41de6f2b3748bff06
.dll regsvr32 windows:6 windows x64 arch:x64

df144dabc777262cb4b8703b24b2e61b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

wnsprintfA
StrStrA

kernel32

Sleep

user32

SendMessageA
SetTimer
GetForegroundWindow
GetWindowTextA
MessageBoxW
GetSysColor
GetClassNameA
SystemParametersInfoA

Exports

Exports

DllRegisterServer

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ