JaffaCakes118_570cc045bb9d945ca5e66ed76c80448d2c37f9a9073737057323b6e300592180

General

Target

JaffaCakes118_570cc045bb9d945ca5e66ed76c80448d2c37f9a9073737057323b6e300592180
Size

458KB
MD5

3cbbb7d2ea4bb95aab6c4de5c55089d1
SHA1

c81cbb504fe502d829ee221ff57942c9c3029861
SHA256

570cc045bb9d945ca5e66ed76c80448d2c37f9a9073737057323b6e300592180
SHA512

d40c8f404d8b87f3d1c5e077a0137e9be7eb54b4c9d02ebb3e98c56509f864a73aeb8e24e64196b2cb010e99e0efe56317dd81ff318900aea6d05fabbd7a0fbf
SSDEEP

12288:ufBBtfewdahbO29W/BTmvZuDflxdwqs8a6DX:ufBBtfAL9WJTmSdwqRZ

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/clutch-32.tmp

JaffaCakes118_570cc045bb9d945ca5e66ed76c80448d2c37f9a9073737057323b6e300592180
.zip
clutch-32.tmp
.dll windows:6 windows x64 arch:x64

93406070e8f82caaf6ed319d32395794

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gdi32

CreateBrushIndirect
GetTextCharacterExtra
GetTextCharset
GetGlyphIndicesA
GdiGetBatchLimit
GetICMProfileW
Chord

msvfw32

ord2
ICInstall
ICGetInfo
ICSendMessage
ICDecompress
ICDraw
DrawDibStart
GetOpenFileNamePreviewW

Exports

Exports

A4COce1ujFb
AcxGpz
B2GHGNnvPg2
BeNLJAyZnN8
Bh012VLJC0z
Bjaskkas
ChAxTmVaL
D0ezwQ2kXP
D5FfBQIWDz
JgwdTv13Af
K3CXYLz
KnyyXGLIr2Y

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
core.bat
license.dat