2ae84ac69b46113b0da01ad233c44789_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ae84ac69b46113b0da01ad233c44789_JaffaCakes118
Size

26KB
MD5

2ae84ac69b46113b0da01ad233c44789
SHA1

c5173353e679b6e8dc2e867cdcad313a3730da42
SHA256

4aa246ff96f6f0a0c0f03028243b6a04b0a0d9ae2e71467546e5f343302b5db0
SHA512

17f0b4c25cc8f651a28cc14976492469db81c43254234d0c0f2d1c8c6c3407e21a4ac1eda24ada9f27565f885b184caf3b78e640b68bcf20283f4a59a3215a1d
SSDEEP

384:+k6wte+89YB8wv8oEcq3xm2gQII4fvfxBZ0m/xlgG6i3C0IMWgil4IOSOma6oDBC:qwjmwv8Vrs2Cn/T6drMWyPSOmj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae84ac69b46113b0da01ad233c44789_JaffaCakes118

Files

2ae84ac69b46113b0da01ad233c44789_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f579ec297fa651b6f8e8adebbb671fc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
Sleep
lstrcpyA
lstrcmpA
ExitProcess
lstrcmpiA
lstrlenA
GetTickCount
lstrcpynA
GetModuleHandleA
VirtualAlloc
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadFile
CreateFileA
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

DivxDecode
HHHH
InitializeDivxDecoder
SetOutputFormat
UUUU
UnInitializeDivxDecoder
ftsWordBreak

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ