323bb9484803fc12df43a903dc1c3d69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

323bb9484803fc12df43a903dc1c3d69_JaffaCakes118
Size

21KB
MD5

323bb9484803fc12df43a903dc1c3d69
SHA1

fb58820974d327f914a40af62f1bdb0972b289df
SHA256

8d55c04cd5c5a6879e2bc80cc2fa8e229176d2bcfbfbca3a35ff4a5cf52b2c6a
SHA512

69a524b488cecd24ed8d9c6fbe601170cada49340b10bdfacfdd9105f892683cb7cd0361ead4abd084381337a0ac942feede35fcd37661f93ca3e3513499a11e
SSDEEP

384:jO8MwsUEGH7bRz7aawz5+u+hU2dC4oO2D2IY4239nnj3u6YD1fnXXDXFxR1/ixpq:jO8Mw8sbRzu7zchU2y2b42sF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
323bb9484803fc12df43a903dc1c3d69_JaffaCakes118

Files

323bb9484803fc12df43a903dc1c3d69_JaffaCakes118
.dll windows:4 windows x86 arch:x86

87615e807098ddbf24a93127f0381eef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
CloseHandle
lstrlenA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

wininet

InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA

Exports

Exports

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ