1abe10f43facf4cfd684877278d6c0e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1abe10f43facf4cfd684877278d6c0e0_JaffaCakes118
Size

21KB
MD5

1abe10f43facf4cfd684877278d6c0e0
SHA1

7e143eb16d1eaf5f513603130a3f25a3ef28dcd2
SHA256

828954c4c589ea48be764838edad14cda33872f7b08d34a6d74c08f522027b97
SHA512

7176a50d9b3f8551cf3217452e5257cfac21c6b74920c6b3e715d069556a6895e3fd99c28e0c2048b46667fb05a83cdc56c72441f74263f5fca43c65440a4237
SSDEEP

384:IRDeks4i4hynXQRHObgObU9yfmhA7zBA7o6H8cyv9VXitFnpOKbYhMsVYNERCddG:IVHs4ifX2uMObU9SmhA7zBA7o6H8cyvR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1abe10f43facf4cfd684877278d6c0e0_JaffaCakes118

Files

1abe10f43facf4cfd684877278d6c0e0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

15d8a76645fbef70664804252ed07763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSCEnumProtocols
WSCGetProviderPath

kernel32

HeapAlloc
HeapFree
ExpandEnvironmentStringsA
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
HeapDestroy
HeapCreate
GetLastError
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CreateMutexW
VirtualQuery
WaitForSingleObject
WriteFile
CreateFileW
DeleteCriticalSection
ReleaseMutex
CloseHandle
IsDebuggerPresent
GetVersionExA
ExpandEnvironmentStringsW
FreeLibrary
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA

Exports

Exports

GetLspGuid
WSPStartup

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ