e83a770336fffde85bd1e918a47da6a7_JaffaCakes118 | Triage

Sharing

General

Target

e83a770336fffde85bd1e918a47da6a7_JaffaCakes118
Size

128KB
MD5

e83a770336fffde85bd1e918a47da6a7
SHA1

11f5885272d31227e731dd1c6106575689be79c3
SHA256

582d588d5881b17bb7d7a173f29eb07ea4e27ea786b120f5e810619e1b82fec6
SHA512

074f83713a59d89fef026c4568da56944848a2f00efefb1bf538be543a9fcefce3195feaee14015ec5cba1f8e94e5fce677b611aa687d9d84fd06110a5cd845a
SSDEEP

3072:hDCFP3qJJ/PucAVAPJ7NPjTUwT3+AGAl7pj:hEP6JJ/2sbYc+AGAVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e83a770336fffde85bd1e918a47da6a7_JaffaCakes118

Files

e83a770336fffde85bd1e918a47da6a7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

35a78fd0a9ee91dee80a85ca52134456

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegQueryValueExA
OpenProcessToken
QueryServiceStatus
SetSecurityInfo

oleaut32

SafeArrayPtrOfIndex
SysFreeString

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

user32

GetKeyboardType
MessageBoxA

ws2_32

setsockopt

wsock32

WSACleanup

Sections

.text
Size: 126KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE