0d2345eb092efddfc7c9c7aaf4af089f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d2345eb092efddfc7c9c7aaf4af089f_JaffaCakes118
Size

134KB
MD5

0d2345eb092efddfc7c9c7aaf4af089f
SHA1

6d7c147dec2e07644083fac19e9892b77753631f
SHA256

64f4813c61ee9ede46c48a83eb6631f7dcf5cdb6e4be5b7f20571a42021a34c1
SHA512

3c0eac04b1f061606333afb1d27ed2692a7d93d19a7e2d7d45a456e71bb552faba2cd616662a8c80ade464680b8b7af20decf7491b5f71e1641650298ed80a62
SSDEEP

3072:2BmkdaHRxbceDb+VsgS6z241C/iSXnmn:HkdaHvHgsgPT1C/hXn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d2345eb092efddfc7c9c7aaf4af089f_JaffaCakes118

Files

0d2345eb092efddfc7c9c7aaf4af089f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b879c3a68f4ae820361ac6a3eb178915

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

nijmegen01.pdb

Imports

user32

UpdateWindow
SubtractRect
SetFocus
ScrollDC
SendMessageA
IsChild
HideCaret
GetWindowThreadProcessId
GetForegroundWindow
RegisterClassA
CreateCaret
CreateWindowExA
DestroyCaret
DestroyCursor
DrawCaption
DrawTextA
MessageBoxA
CharNextA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseFontA

advapi32

GetTokenInformation
DeleteService
CloseServiceHandle

Exports

Exports

FuncProc

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ