0e6b12d2cc14989117d06fe8d8ab8c17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e6b12d2cc14989117d06fe8d8ab8c17_JaffaCakes118
Size

7KB
MD5

0e6b12d2cc14989117d06fe8d8ab8c17
SHA1

8261284a0c8fdf48c468fb95e099ed165588b8df
SHA256

716b8710dfba7383751b788790eac74976421b7a0b70829704fef6087735e146
SHA512

3df9fa98acd368ce30844f3c1c914f1a81efeeda678fb700c7dc22e1857e4aaa957afb6728e2d263c7dec8bc96e7d156f3be3359f3967e73ef09a457d4cfba14
SSDEEP

96:AD8JWPrXo0MrLckhuwU8McG9Lpx2402XCgFH9WgyyhafHgdHjAEPlB:AXzozBIw1GZ72hAzVyyUHgGuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e6b12d2cc14989117d06fe8d8ab8c17_JaffaCakes118

Files

0e6b12d2cc14989117d06fe8d8ab8c17_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed5e8c3b43b593b682afe271ad91b22c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
CreateThread
GetCurrentProcessId
GetCurrentProcess
Thread32Next
TerminateThread
GetThreadPriority
CloseHandle
GlobalLock
GetModuleHandleA
Thread32First
CreateToolhelp32Snapshot
GetPrivateProfileStringA
Sleep
VirtualProtectEx
WideCharToMultiByte
ExitProcess
ReadProcessMemory
GlobalFree
GetProcAddress
GetModuleFileNameA

user32

SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx

msvcrt

_stricmp
strrchr
memset
memcpy
strcpy
strlen
sprintf
free
_initterm
malloc
_adjust_fdiv

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile

Exports

Exports

fa
fb

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ