JaffaCakes118_058387f10c342e7faa493b7f4ad6c67d64b8e231280658a15dadd21c233ac654 | Triage

Sharing

General

Target

JaffaCakes118_058387f10c342e7faa493b7f4ad6c67d64b8e231280658a15dadd21c233ac654
Size

175KB
MD5

b5ba38519f0a64c10b132399f0828782
SHA1

77f77a13b1b97a1f395e0d927b84ccacbeb2805f
SHA256

058387f10c342e7faa493b7f4ad6c67d64b8e231280658a15dadd21c233ac654
SHA512

71d68fa88dce867499d82ec24a6c5ef16b8c4e787f0c75d626af22948183361fb0c59ee655dccc3a1e11da27ac3ac598180c4834c1a9cfc36a13a76c592676b2
SSDEEP

3072:gUmpydLCFTvpvHZPYhIK2eX0wb0i/WrNnjgu45JCVmy4igfz3UIpjXZ:HmgpyZKCheFR/S/4uVZYfz3UIpj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_058387f10c342e7faa493b7f4ad6c67d64b8e231280658a15dadd21c233ac654

Files

JaffaCakes118_058387f10c342e7faa493b7f4ad6c67d64b8e231280658a15dadd21c233ac654
.dll windows:5 windows x86 arch:x86

40b12a6e275f8f757b6cdc3ff6610d3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TranslateMessage
OpenWindowStationA

advapi32

RegOverridePredefKey

setupapi

SetupDiClassGuidsFromNameA
SetupDiDrawMiniIcon

ole32

OleSave

ws2_32

WSACleanup
accept

kernel32

WaitNamedPipeW
DefineDosDeviceA
CloseHandle
GetModuleFileNameA
OutputDebugStringA

opengl32

glNormal3f

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ