2f374a775950ab3dd90e57c6a8939db2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f374a775950ab3dd90e57c6a8939db2_JaffaCakes118
Size

286KB
MD5

2f374a775950ab3dd90e57c6a8939db2
SHA1

07037458c70847236b13c6bdf1576c53813c2398
SHA256

c0bb75e299bfb84d98feec2f96d085ce5a0caeb8edeb4e875a8d5ef187acb686
SHA512

0aea124407faf5d7e12d6aa045f771996aea22c168a4d6d98a70dc90b486bf5c28e787d15767ff3080bce50c2595c5bebbddb12a66d405915a9045633cc279ec
SSDEEP

6144:FZxWvO8WvHwBdXYbKQQWmKA7AFTNLIpOgBY27rMhtMIoECvs6OmGo:tWvO8WoBJLfT7oypO6OhtMNVvsuGo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f374a775950ab3dd90e57c6a8939db2_JaffaCakes118

Files

2f374a775950ab3dd90e57c6a8939db2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b6c614b31e46626f0ee82f8ba0eeea21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAscii
SetFocus
GetWindowTextA
EnableScrollBar
DrawTextA
DispatchMessageA
CreateIcon
CreateDesktopA
CreateAcceleratorTableA
CharPrevA

kernel32

GetPrivateProfileStringA
SetCurrentDirectoryA
LocalAlloc
InitializeCriticalSection
GetTimeFormatA
lstrlenA
lstrcpynA
lstrcmpA
lstrcatA
SleepEx
CompareStringA
EnumResourceLanguagesA
EnumResourceNamesA
ExitProcess
FindResourceA
GetCommandLineA
GetFileSize
GetLastError
GetSystemTimeAsFileTime
GetSystemTime
Sleep

oleaut32

GetErrorInfo
OleTranslateColor
VarBstrCat
ClearCustData

Sections

.text
Size: 39KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 242KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ