JaffaCakes118_e84ff620ed8f0f0c0a4e6535d3ce8ea919c89a67567c43d87897f57b119821ae | Triage

Sharing

General

Target

JaffaCakes118_e84ff620ed8f0f0c0a4e6535d3ce8ea919c89a67567c43d87897f57b119821ae
Size

184KB
MD5

571cc71d2a33379c66908b3abac1f544
SHA1

3331b6fed0462b9cb2cc0b171994b5091b16e421
SHA256

e84ff620ed8f0f0c0a4e6535d3ce8ea919c89a67567c43d87897f57b119821ae
SHA512

09758fc4fdeb90e3925bb3448dd8b39924638dccea86277a303d642a965035e89911d0d32ced21443933e2ed4d1c77b15dd911789fa2d4d62bbd98aacc390607
SSDEEP

3072:492qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTDrLA:49NSMOEpQ1Q3ODAr+Vr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e84ff620ed8f0f0c0a4e6535d3ce8ea919c89a67567c43d87897f57b119821ae

Files

JaffaCakes118_e84ff620ed8f0f0c0a4e6535d3ce8ea919c89a67567c43d87897f57b119821ae
.dll windows:5 windows x86 arch:x86

f684d1d1b2c4c4c5eddaa7c939270df0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset

oleaut32

VarBstrFromDec

user32

ShowOwnedPopups

kernel32

GetModuleFileNameA
LoadLibraryExA
GetModuleHandleW

advapi32

RegLoadAppKeyA
RegisterEventSourceW

gdi32

GetFontData

Exports

Exports

CcfZASHbgfDsbf

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ