JaffaCakes118_a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c | Triage

Sharing

General

Target

JaffaCakes118_a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
Size

170KB
MD5

422ab2b5904ec6ef7d647f5962555f37
SHA1

88b3a90fc6692631e17f0d02b78caf8f80ae5449
SHA256

a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
SHA512

c3b21031cca2009765a96407d885b805c0f2027b73065a93c46af106942c19292fc82fd1608f4085e28a243cbe443d9a29f9846294a1ebf784cbce4d7c208c93
SSDEEP

3072:3V/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:3V/jTe38LiI4Oi75izyn+4lm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c

Files

JaffaCakes118_a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
.dll windows:5 windows x86 arch:x86

60cac63ce565dc8e9520aaf7ad1d9bd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegOverridePredefKey

msvfw32

ICImageDecompress

user32

OpenWindowStationW
TranslateMessage

opengl32

glNormal3f

ole32

OleSave

kernel32

GetModuleFileNameA
CloseHandle
OutputDebugStringA
DefineDosDeviceW
WaitNamedPipeA

ws2_32

accept
WSACleanup

setupapi

SetupDiDrawMiniIcon
SetupDiClassGuidsFromNameA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ