e74c87b116b500a80871940a8526cd03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e74c87b116b500a80871940a8526cd03_JaffaCakes118
Size

10KB
MD5

e74c87b116b500a80871940a8526cd03
SHA1

48d7cdb1b654a50bd52506c70e47343aa96ed14e
SHA256

738a8eef976c58aa5b8160070c3d93ac519d92cf3dc72cfb9d1548990d190c35
SHA512

df2e907f64a4010f02ef53c6c6d171daffbdd5eadd1d23a0fd42b699e8d8466f1f55aa74fe8b6d5046ae077cd23b4995ba5e86905513c9d3bd9f9df53dd4c6d8
SSDEEP

96:wWOkVN5qkTQnjMuGZ/73Xl/hr79CfEHhpfK0TBh7mmGE/hafnN/iD5y7r:wWOkVNKoZZhr/pfKSSmG3BiFy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e74c87b116b500a80871940a8526cd03_JaffaCakes118

Files

e74c87b116b500a80871940a8526cd03_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3cdd372a568cc10d0b21a5096a60f674

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
Sleep
VirtualProtectEx
GlobalFree
ReadProcessMemory
WideCharToMultiByte
GlobalAlloc
IsBadReadPtr
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
CreateThread
GetModuleFileNameA
GlobalLock
GetCurrentProcess

user32

CallNextHookEx
SetWindowsHookExA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

msvcrt

_adjust_fdiv
malloc
_stricmp
_initterm
free
strcat
strrchr
??3@YAXPAX@Z
strcpy
??2@YAPAXI@Z
sprintf
strlen
strncpy
strchr
strstr
fclose
fread
fopen
memset
memcpy
strcmp

Exports

Exports

fa
fc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ