2cff313469527c30d63ccb72433076dc_JaffaCakes118 | Triage

Sharing

General

Target

2cff313469527c30d63ccb72433076dc_JaffaCakes118
Size

21KB
MD5

2cff313469527c30d63ccb72433076dc
SHA1

f86eb9d17495fc0c721ea85ff58056608b302237
SHA256

be1b5ff442f04ef3f7f6a2c6ba28a83bdc4119cb88b1c2a6b2cd978214f319d6
SHA512

06a088b9a03bf98a4eda5319a7e183524a01defff5fa3bf6915f3bb9d4cc8a8c58cb095f45b998b0edca6e6b5f3b172794cff597061abc19dbe7186ada518290
SSDEEP

384:KxIte+t3794KJUtMKdJscSL2Zu3nzy45Y423wnnnnnnnnznnjzKnKnHsrnnRPnHF:KxOfrJUthnP34G42AnnznKKMr5HH/+rS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cff313469527c30d63ccb72433076dc_JaffaCakes118

Files

2cff313469527c30d63ccb72433076dc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c682483b70b3c7dbf346bc2437de0526

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
CloseHandle
lstrlenA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

wininet

InternetReadFile
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ