a12d7e1bf870dcd9d9476869ab8a2d2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a12d7e1bf870dcd9d9476869ab8a2d2e_JaffaCakes118
Size

58KB
MD5

a12d7e1bf870dcd9d9476869ab8a2d2e
SHA1

8c07479368fb689ad2d4439635d77bc6dbe47dde
SHA256

fa84ddf26f5e6f3a5b7a2e71a0da4849088f2c6fca6358334d7087d49d7df217
SHA512

9cfd1698cd8fe73eb0245e9f85d60a3e5542756457d2aab4776dd047987ca00f687a21532b3bbf591203f414990ff02c83301819e5f8452e195f6bb8aa7d14f0
SSDEEP

1536:pgULBh4te7A/xfx8xCcnWBgZK0L4mn3az+xlqhdh:pBQte7Af8Q6Z7MmnRa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12d7e1bf870dcd9d9476869ab8a2d2e_JaffaCakes118

Files

a12d7e1bf870dcd9d9476869ab8a2d2e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0556b1abeeb1a4e9fb2c516095ab68a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

xpcom

NS_StringSetData

wininet

InternetOpenW

mozalloc

moz_free

user32

GetDC

gdi32

BitBlt

advapi32

RegCloseKey

shell32

SHGetMalloc

ole32

CoCreateGuid

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

free

shlwapi

StrStrA

ws2_32

connect

Exports

Exports

NSGetModule
NSModule

Sections

.MPRESS1
Size: 53KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE