3c1a8991e96f4c56ae3e90fb6f0ae679_JaffaCakes118 | Triage

Sharing

General

Target

3c1a8991e96f4c56ae3e90fb6f0ae679_JaffaCakes118
Size

20KB
MD5

3c1a8991e96f4c56ae3e90fb6f0ae679
SHA1

41d72fa626cccadcd5aae3a0a652043e4a4f7b4a
SHA256

9611d0b1837e933b9d938e19791b757aa56669ec75b8fd671bdd1371eede03bb
SHA512

426f9efc955ec2c6c159f776c23f4784b989b6d216e860c7366c8620585e5c42c87c421906768355cd2b54773a46511050c3cce24af3f6fd0bf34e95a5dca19a
SSDEEP

192:ZcMdjzlmeno/hERhFXmIoozoZSiLpeaencO+MX1gcT:OMdjzIWRhFWIoozo4iFGnhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c1a8991e96f4c56ae3e90fb6f0ae679_JaffaCakes118

Files

3c1a8991e96f4c56ae3e90fb6f0ae679_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6772345dfdfef239defde216b3d731f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl
htonl

msvcrt

_beginthreadex
_adjust_fdiv
malloc
_vsnprintf
fopen
vfprintf
fclose
free
memcpy
_initterm

kernel32

GetProcAddress
SetErrorMode
DisableThreadLibraryCalls
Sleep
GetExitCodeThread
WaitForSingleObject
SetEvent
CloseHandle
CreateEventA
GetLastError

Exports

Exports

ModuleCommand
ModuleStart
ModuleStop

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1019B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ