8595406943efcc01061c43340645b5c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8595406943efcc01061c43340645b5c9_JaffaCakes118
Size

14KB
MD5

8595406943efcc01061c43340645b5c9
SHA1

fa4a9476a0f80aa58f207121214237df870630dc
SHA256

fb13a22b948d9df601a56402eaff4ded6e6f89515fca3850e9b9d8e339a32304
SHA512

c423971d7452a67419771fc8691e798533e947bea177171ba9fb4addc76479da8399b3ff182b748c531daa9df962881da931f433b486e424ff04302ab2c92618
SSDEEP

384:SVcJHGJNeD1qkOfaQsMP7woE3g6YpZWVhWl:Z8+DPoae77n6zQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8595406943efcc01061c43340645b5c9_JaffaCakes118

Files

8595406943efcc01061c43340645b5c9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

42a181b557936af17b7a0c3b8df2ab21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharToOemA

advapi32

RegOpenKeyA

crtdll

ldiv

mpr

WNetAddConnection3A

nwnet32

ord51

mapi32

CreateTable@36

svrapi

NetSecurityGetInfo

Exports

Exports

ABProviderInit

Sections

.MPRESS1
Size: 11KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE