2c8e82342b05e58049ddd499cb3fb58d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c8e82342b05e58049ddd499cb3fb58d_JaffaCakes118
Size

144KB
MD5

2c8e82342b05e58049ddd499cb3fb58d
SHA1

90cc2361144b387620306c73887a616ab3508abc
SHA256

8a0b44bc7a9c4147619b0a5def30ab36b5b50beb5cdf7e09f6c8f66022341cf2
SHA512

9209b169b0b2839067257bcb23f171432378bf1f30009f28faea19f23395fec2c0391e4df2211c887c9d8bf9db341a7f9bbd4598f85ac10ba8bc07cb6022a112
SSDEEP

3072:H3QiJkaqoF6SU1m5FZNR1z0S73ecyCkzbN:HPWoF6LmzRR0KpyC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8e82342b05e58049ddd499cb3fb58d_JaffaCakes118

Files

2c8e82342b05e58049ddd499cb3fb58d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

37c602cb7ed605c67443b088ebef069d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ptm32.pdb

Imports

user32

CreateCursor
RegisterClassA
SendMessageA
UpdateWindow
SubtractRect
SetTimer
SetFocus
ScrollDC
CreateCaret
MoveWindow
MessageBoxA
IsChild
HideCaret
GetUpdateRect
SetCaretBlinkTime
GetCaretBlinkTime
CreateWindowExA
DestroyCaret
DestroyCursor
DrawCaption
DrawTextA
FlashWindow
GetClassNameA
OemToCharA
GetMenuInfo

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseFontA

advapi32

DeleteService
GetAclInformation
IsTokenRestricted

Exports

Exports

FuncProc

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ