JaffaCakes118_cd3ccd277f13ba562426cf81bb3fc1d1d10a17c2cbbb72dccb9a9590d2e82257 | Triage

Sharing

General

Target

JaffaCakes118_cd3ccd277f13ba562426cf81bb3fc1d1d10a17c2cbbb72dccb9a9590d2e82257
Size

164KB
MD5

5c1162a976a51431f131fdd42881e8c4
SHA1

b792e12c3d65bda1e7b8c67a057195a6d00ed865
SHA256

cd3ccd277f13ba562426cf81bb3fc1d1d10a17c2cbbb72dccb9a9590d2e82257
SHA512

8096ee085d98202b12a70d88a6a6ebe1deac110afafe4df64cb00a06ae662e5b74c10448314f9cdc8c5a3cf8726fe6fbc651df975e595f05f5b640860b433397
SSDEEP

3072:jBefihU8fQ2Sob/xg+eNV1A1I3aiI8i3GdVAzuECtNjP3/3ioP7y11a0E:jBefiv/12+2A1AIpFzxCtNjHSoPm11J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_cd3ccd277f13ba562426cf81bb3fc1d1d10a17c2cbbb72dccb9a9590d2e82257

Files

JaffaCakes118_cd3ccd277f13ba562426cf81bb3fc1d1d10a17c2cbbb72dccb9a9590d2e82257
.dll windows:5 windows x86 arch:x86

fc47fd76b9a60699eeca15d304e88a52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProfileSectionW
OutputDebugStringA
OpenSemaphoreW
LoadLibraryW
CreateFileW
GetProfileSectionA
CloseHandle

rasapi32

RasGetConnectionStatistics

clusapi

ClusterEnum

ole32

CreateStreamOnHGlobal
CreatePointerMoniker

advapi32

RegOverridePredefKey

user32

TranslateMessage

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ