3c5229cebea6f408cdad9f21b683d5e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c5229cebea6f408cdad9f21b683d5e8_JaffaCakes118
Size

171KB
MD5

3c5229cebea6f408cdad9f21b683d5e8
SHA1

71f639417d67c75cbcf7fb4d67e6afa9d88d3eff
SHA256

f4a8faa1aa14210b44f398f330c8fd94ce7920f71a3365468ee6ad24990faaca
SHA512

e68a47db633262a74f6e95c6f300939de40103ebe8b9cc230cf2b927dcc749cd73b2a024d8ac587fdb818fcaa66353497d2c25dfae50863f4acc5a2ac8470a8b
SSDEEP

3072:p8/NbdCGRtFq1zkuPczNslVnv70dWg6YIKOGBgmMMmq0yiF5y:p8VlRK1Aal5KWg6+BgmMVFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c5229cebea6f408cdad9f21b683d5e8_JaffaCakes118

Files

3c5229cebea6f408cdad9f21b683d5e8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e7154c684757ed3e21d774767a94c24f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

CreatePenIndirect
GetClipBox
GetCurrentPositionEx

kernel32

VirtualAllocEx
LocalAlloc
CreateThread
CreateFileA
LoadLibraryA
DeleteCriticalSection

msvcrt

wcscspn
sprintf
exit
mbstowcs
clock
calloc
malloc
swprintf
memset
memcpy
_acmdln
memmove
tolower
wcsncmp

user32

GetMenu
GetCapture
IsCharUpperA
GetScrollRange
GetWindow
GetScrollPos
GetScrollInfo
GetSysColorBrush

Exports

Exports

rUMnu@16
j1arxsvltJLDE
_vOW_6d6LKlE
_5IqJS@4
ZSEJpd90TGcJc
_9kxmqOYcHaR
2BF71yMMGOW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ