2c325bf16cff1852c0b9fae9ba73eb51_JaffaCakes118 | Triage

Sharing

General

Target

2c325bf16cff1852c0b9fae9ba73eb51_JaffaCakes118
Size

116KB
MD5

2c325bf16cff1852c0b9fae9ba73eb51
SHA1

c7cce35acda5b91f6193aaabd850b559cf4ab96d
SHA256

f7ed437d4fecac397ebac7306f4dbf435de4cf21be483115c6c50305beaf7da1
SHA512

3799c210e612e38b8418bf98baab9c7123aca780a5bc54b63ca7e018874a73392decc95f4f1ca1d6064e503ec7b772ad38f19ca2b20290e257d3c26284d6ef89
SSDEEP

1536:rfo5LdqDsQhOzq2ZWxYsLOmADnPOZ5BvDPehD4V6FwT5mP:rfMLIfz2cOT7PaBLWV4VcwTcP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c325bf16cff1852c0b9fae9ba73eb51_JaffaCakes118

Files

2c325bf16cff1852c0b9fae9ba73eb51_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f21f0a6b4fa5ba91af009b507746604

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleFileNameA
CreateMutexA
DisableThreadLibraryCalls
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
DeleteTimerQueueTimer
InterlockedIncrement
CreateTimerQueueTimer
InterlockedDecrement
GetSystemTimeAsFileTime
lstrcmpiA
WaitForSingleObject
ReleaseMutex
CreateFileW
lstrlenW
CreateFileA
DeviceIoControl
GetLastError
CloseHandle
Sleep

user32

GetGuiResources

Exports

Exports

RandomMemoryFunc

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ