0f17124b4dd21e0476974e259b6ade11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f17124b4dd21e0476974e259b6ade11_JaffaCakes118
Size

41KB
MD5

0f17124b4dd21e0476974e259b6ade11
SHA1

15fbd61cf1afd31915b2d402d503bedab833d847
SHA256

655d3caecdb130beb1e2355d9f5fa24b8383fd5e899b6ca5eb35203b8dac13c2
SHA512

7f2f4f2f8a73467eb191f094ad5a9399f883168f14519fd0dcb09012affc9b4fecd4a4a8cdec1015a70101fe961159d216447be6ba276e49def98575031d0d21
SSDEEP

768:CZYbdhT6QktIa63Zj6rCt6DnI0Uboal2gQs5PxEjM61sNjd3WBJDbwpeyHAesq/U:CZ8dhT6763BJt6DDSh7pEQ6EjhWX3SeZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f17124b4dd21e0476974e259b6ade11_JaffaCakes118

Files

0f17124b4dd21e0476974e259b6ade11_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5544a558178895c012502baa823128b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

connect

advapi32

SetSecurityDescriptorDacl

Exports

Exports

start

Sections

.text
Size: 35KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE