90f74939a818b0dcb781c019fcd9c04d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

90f74939a818b0dcb781c019fcd9c04d_JaffaCakes118
Size

176KB
MD5

90f74939a818b0dcb781c019fcd9c04d
SHA1

2af79338219744710b9e10090a78cba0025a4542
SHA256

8444274c8003b438b8bb51958a41db1eb75f0735da2b3f6ccd5ad8d7153ee07e
SHA512

a2cda88bbae40b536b28817d4077c648e60014a54374fe4373398019557544f0a22c8cda67b3ab52769d191959a169f96947211b9cf516853d8d7e8eff6d943b
SSDEEP

3072:Gw5Q2kt+GXd727FEBQksHkpQJJn/kDQRZyBZSmcC4/Ldx4W6b:x5QiGlaBkG9JRZgSmEv4xb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90f74939a818b0dcb781c019fcd9c04d_JaffaCakes118

Files

90f74939a818b0dcb781c019fcd9c04d_JaffaCakes118
.dll windows:6 windows x86 arch:x86

d3f2ba0912544e109f896b42321b1411

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

ws2_32

inet_ntoa

shell32

SHGetFolderPathW

system_tools

??_7variant@micl@@6B@

Sections

.MPRESS1
Size: 171KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE