c8d8c3f30349a4a84346ca2b84473953_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8d8c3f30349a4a84346ca2b84473953_JaffaCakes118
Size

96KB
MD5

c8d8c3f30349a4a84346ca2b84473953
SHA1

b424d6245aa540639cde83397a926e6f7b69ad69
SHA256

2e5c57a67815da530245a46a3e1cee8ba92ca12b15d71aa24f952e9bd9871b20
SHA512

aa4d0400b96013a1ced0b4b94a3fb7e9012b2aab70aa82b180cc66adee10d41923fe9665d108747b5cf12ceabd137e9c282b246f07885fe41c3a9af7cb405c22
SSDEEP

3072:d8FkLMVqR0jINpYfXYx2WF9yRPaBo8pqcI9j+:mFRg/pYgxFCRPuo8pT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8d8c3f30349a4a84346ca2b84473953_JaffaCakes118

Files

c8d8c3f30349a4a84346ca2b84473953_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6b0ddd15c3908d104f0671a334b06b97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAscii
RegisterClassW
MessageBoxIndirectW
GetMessageW
FillRect
EmptyClipboard

kernel32

GetTimeFormatW
ExitProcess
InterlockedExchange

advapi32

RegOpenKeyExW
RegSetValueExW

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ