23882d54c44826e31e013ed444925846_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23882d54c44826e31e013ed444925846_JaffaCakes118
Size

29KB
MD5

23882d54c44826e31e013ed444925846
SHA1

599bc5b47ed136d1f5b16a5c4957cb1edc9b6c3b
SHA256

5a67352359faa65a991c3473a18fd1e890403735365df5684119ca8e6828bd55
SHA512

59d70b759427b9d35c597fe007e44a711fe2e2fb33540ea69aff07cdf956d651729b9540629a55f8f73ad4ad567a7d20abd292c68752edab5357c8b8dc1603ea
SSDEEP

768:l6wjX4pgOVMgNdMMNSzyr76MuW3ggU0ql:l6wb4p3pNdM3y6MuOgEql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23882d54c44826e31e013ed444925846_JaffaCakes118

Files

23882d54c44826e31e013ed444925846_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd2f2aefb5bf292b76518c3f3f128e84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

setsockopt

winmm

timeGetTime

advapi32

RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

msvcrt

strstr

Exports

Exports

CheckConnectionAndGetIP
SwindleWebBrowser
UseThisCode

Sections

.text
Size: 23KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE