2927b7854e17a95473c9b14a241931dd_JaffaCakes118 | Triage

Sharing

General

Target

2927b7854e17a95473c9b14a241931dd_JaffaCakes118
Size

16KB
MD5

2927b7854e17a95473c9b14a241931dd
SHA1

2b36d180eebe0123459755934c9806ce1b49b367
SHA256

9f185d268e09533a52f8efe0022694e83179c62a2b940be9eb6f24291ee23c52
SHA512

37a7495f008f6945067fe94f1be8d0ba58a15d6b33066573f528a688a9da256a1841fd65b6459180fa6348907c8fbe785e0221ed2e0bd78c8899bdc7e31c2688
SSDEEP

384:ef755NZpmfJ41YV7XCTSse2efd2UR1+8:efVjZa41YV7XCTHefYU7h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2927b7854e17a95473c9b14a241931dd_JaffaCakes118

Files

2927b7854e17a95473c9b14a241931dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

25522e986c75c11353a930692d1910f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

strncpy

ws2_32

inet_ntoa

wininet

InternetReadFile

user32

TranslateMessage

advapi32

RegCloseKey

Exports

Exports

_DllMain@12
load

Sections

.text
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE