JaffaCakes118_3ecc6db17a065b40c6bcf1054a1719fc8a717e1becce18754856ca706841d8f9 | Triage

Sharing

General

Target

JaffaCakes118_3ecc6db17a065b40c6bcf1054a1719fc8a717e1becce18754856ca706841d8f9
Size

184KB
MD5

252e77b7f1e5128036d274a58ebb63cf
SHA1

54d6ebd17877de4dcb43b01dd841c0d2c1689439
SHA256

3ecc6db17a065b40c6bcf1054a1719fc8a717e1becce18754856ca706841d8f9
SHA512

922baa2763446add31dd3e23d1926c417117031f46c2fe7158d31900ac2fb46b3a0457bcaa08aa0fe4ef374754544e8a78da66a6e56a09b0fc8acaae3fcd3c78
SSDEEP

3072:yuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4KLlmsb:s7TXYsd9SkONU1jKGlwlm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3ecc6db17a065b40c6bcf1054a1719fc8a717e1becce18754856ca706841d8f9

Files

JaffaCakes118_3ecc6db17a065b40c6bcf1054a1719fc8a717e1becce18754856ca706841d8f9
.dll windows:5 windows x86 arch:x86

dce27a370a9ee34c33d67042f8910974

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegisterEventSourceW
RegOverridePredefKey

gdi32

GetFontData

msvcrt

memset

oleaut32

VarBstrFromDec

kernel32

GetModuleHandleW
GetModuleFileNameA
LoadLibraryExA

user32

ShowOwnedPopups

Exports

Exports

FWroeeWqoinnmw

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ