JaffaCakes118_909fc434ab03ee20f5bbde67c859066a419cef141ca8b28ff09a7336c548c034 | Triage

Sharing

General

Target

JaffaCakes118_909fc434ab03ee20f5bbde67c859066a419cef141ca8b28ff09a7336c548c034
Size

204KB
MD5

e0b439642f86cc9845a0c8add15468a2
SHA1

71157522b72c6b6cda6200d5545de9976c1da7af
SHA256

909fc434ab03ee20f5bbde67c859066a419cef141ca8b28ff09a7336c548c034
SHA512

f7a8237a8fef4e1dbd53578167344539277a3596915be9d4806e3ed7b5a08882210bf1ce702f92a43c2034b158a006f26beae1f0ecfb5b854f8b3e75e31ff3c6
SSDEEP

3072:wBHfDmTQoHJhc+1aImpJRxSmR7bVsSazalcBfc7Ivu5IMlZ:wBHLSc+wLJRHFVsSaGluUs25Iw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_909fc434ab03ee20f5bbde67c859066a419cef141ca8b28ff09a7336c548c034

Files

JaffaCakes118_909fc434ab03ee20f5bbde67c859066a419cef141ca8b28ff09a7336c548c034
.dll windows:5 windows x86 arch:x86

2715a19d1d4a50604e0ace50d5e16153

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

OffsetClipRgn

user32

GetMenuState
EnumDisplayDevicesW
TranslateMessage
DragDetect

wintrust

CryptCATAdminCalcHashFromFileHandle

advapi32

RegLoadAppKeyW
CloseEncryptedFileRaw

kernel32

GetSystemDefaultUILanguage
CloseHandle
OutputDebugStringA
LoadLibraryA
LoadLibraryW
GetPriorityClass

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ