c8f692f76a225b6d0be5097193aad4ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8f692f76a225b6d0be5097193aad4ce_JaffaCakes118
Size

13KB
MD5

c8f692f76a225b6d0be5097193aad4ce
SHA1

24b42f5246bd0c625369d1cbc42c0d837936c551
SHA256

cf11ce33ceeb44fa4d25266eb3c1e2039990932336c2009439d028bc4463acaf
SHA512

cb4b1c8a6bd6464ecc9df9b9561b14c37e20fa790c5e4f942184b532fa91c6d4f269e6ee4a52c70b42343a8560b781486d944efe9e4fe11f189eb058d98c94e6
SSDEEP

96:e6M9huWhlBN6ZA/iTDAUVRcnu2UuoSHK6OChMwYotQOGjyQTBJ5yu:edhuW7BN6BTDAUVauPSHvOSvYrj7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8f692f76a225b6d0be5097193aad4ce_JaffaCakes118

Files

c8f692f76a225b6d0be5097193aad4ce_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5d8a5bac15c7d5a42cbee4711c0b24ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess

user32

SetWindowTextA

gdi32

BitBlt

msvcrt

??2@YAPAXI@Z

Exports

Exports

DllEntryPoint
Screenshot
SendDDE
SetAllCaptions

Sections

pec1
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec3
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec4
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ