JaffaCakes118_7414350f5e7febbe5d5e9d1110c9c2ddb17323b9d5b13924ff263837fb87c73d | Triage

Sharing

General

Target

JaffaCakes118_7414350f5e7febbe5d5e9d1110c9c2ddb17323b9d5b13924ff263837fb87c73d
Size

204KB
MD5

3ea253fbef9417f63e2d4ce5393bf7f7
SHA1

c3acc3e641b15c14786e4701b624234f0de1846f
SHA256

7414350f5e7febbe5d5e9d1110c9c2ddb17323b9d5b13924ff263837fb87c73d
SHA512

46084a22dc428992056f301c4b98bcc2a9106458050466f8ca22e740b540949b81df7420b7f8354ba1c1a55c1f495b037adf1242623849986e512390ad79c6ba
SSDEEP

3072:s6FOf6h8i6pdDPvaaeEGObTS/HaoGoK9kN+Jcr9bhrFKL3fJpwZ:sZuX6pEaeEDheWa+Jc9bhorfTw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7414350f5e7febbe5d5e9d1110c9c2ddb17323b9d5b13924ff263837fb87c73d

Files

JaffaCakes118_7414350f5e7febbe5d5e9d1110c9c2ddb17323b9d5b13924ff263837fb87c73d
.dll windows:5 windows x86 arch:x86

cb5482a0fad978688db5ffd0e59e43ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wintrust

CryptCATAdminCalcHashFromFileHandle

kernel32

LoadLibraryA
CloseHandle
LoadLibraryW
OutputDebugStringA
GetSystemDefaultUILanguage
GetPriorityClass

gdi32

OffsetClipRgn

advapi32

RegLoadAppKeyW
CloseEncryptedFileRaw

user32

TranslateMessage
EnumDisplayDevicesW
DragDetect
GetMenuState

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 124KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ