1bcf975f78a43483aa7a59979f40d1a3_JaffaCakes118 | Triage

Sharing

General

Target

1bcf975f78a43483aa7a59979f40d1a3_JaffaCakes118
Size

21KB
MD5

1bcf975f78a43483aa7a59979f40d1a3
SHA1

95e929d0125c404b81b0fdbcd9761ec55e143a95
SHA256

7de16b9d8df87d935ef34e85c3c46b97ca6f3d32ec3a020be316d823e7daeb3d
SHA512

430c44bc1275ca0014724045d9de33fd5dcbbeba663a8b69bdf2ce24539cb6d1434b809cc5e6d758811055467cf5381aef5810fa8f1c826bf3e28744ad095460
SSDEEP

384:iLZqXHyOIu4/V0sVqOkd541wdHZuq0uIEShUO+EPPkB6NR8:imTIu490sY2id5d0uBIUCPPkB6v8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bcf975f78a43483aa7a59979f40d1a3_JaffaCakes118

Files

1bcf975f78a43483aa7a59979f40d1a3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

15d8a76645fbef70664804252ed07763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSCEnumProtocols
WSCGetProviderPath

kernel32

HeapAlloc
HeapFree
ExpandEnvironmentStringsA
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
HeapDestroy
HeapCreate
GetLastError
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CreateMutexW
VirtualQuery
WaitForSingleObject
WriteFile
CreateFileW
DeleteCriticalSection
ReleaseMutex
CloseHandle
IsDebuggerPresent
GetVersionExA
ExpandEnvironmentStringsW
FreeLibrary
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA

Exports

Exports

GetLspGuid
WSPStartup

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ