JaffaCakes118_d0343203c35e86574b931f8637eb0d80ca2f11da531591565d03f44a8090fe7f | Triage

Sharing

General

Target

JaffaCakes118_d0343203c35e86574b931f8637eb0d80ca2f11da531591565d03f44a8090fe7f
Size

184KB
MD5

2f6352ae0eccb77f1a0cc8b6bd882f6b
SHA1

42dfede7f7a69681afeb0fceeb64353e0f05002a
SHA256

d0343203c35e86574b931f8637eb0d80ca2f11da531591565d03f44a8090fe7f
SHA512

986818291f6239e9edad4a4abb6503fa1cd21e5a6da218859bc1533899da215d0e251e617353fec2e646778d70936ee39c94d43cb23a9a25b51e4692b38d0708
SSDEEP

3072:+W8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngmKWx9ixCH0u:V8qh+66QsRdNiBW/06ngmKWexC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_d0343203c35e86574b931f8637eb0d80ca2f11da531591565d03f44a8090fe7f

Files

JaffaCakes118_d0343203c35e86574b931f8637eb0d80ca2f11da531591565d03f44a8090fe7f
.dll windows:5 windows x86 arch:x86

eacc1eddf059a6097fd8d34c586d3907

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegOverridePredefKey
RegisterEventSourceW

user32

ShowOwnedPopups

msvcrt

memset

oleaut32

VarBstrFromDec

gdi32

GetFontData

kernel32

GetModuleHandleW
LoadLibraryExA
GetModuleFileNameA

Exports

Exports

FWroeeWqoinnmw

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ