0fcaafdf61a1644f85a2f6a38882bc4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fcaafdf61a1644f85a2f6a38882bc4c_JaffaCakes118
Size

12KB
MD5

0fcaafdf61a1644f85a2f6a38882bc4c
SHA1

041b9cb172192385630bfcb3d5f50b8393ee29cd
SHA256

145f8c56d5c3d6bb30b40c961107e99de64736c80fa200e26a076c235a33cce6
SHA512

54b26b2d32aed11773b2cc2afe52d6397088c50405ec20b76dcf0e0f0dff36ac85439e45409a1ea708768632abef69f042a71822936c2beee0e40a928cacc00e
SSDEEP

192:sxKedu0hZMv11IXnwHpQUF/iOBovE4sQMftaqYikd6H5tIfvaz1b9wKbx:sxKQ9ZMNS3QQU5iQovE4sQMftaqY6H5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fcaafdf61a1644f85a2f6a38882bc4c_JaffaCakes118

Files

0fcaafdf61a1644f85a2f6a38882bc4c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b59f27bbe8a6e9645d20537c9723e73a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc42

ord540

msvcrt

_adjust_fdiv

user32

wsprintfA

advapi32

DeleteService

ws2_32

sendto

urlmon

URLDownloadToFileA

Sections

.text
Size: 6KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE