49f07196fdd2acc9b4c794d99ba1381c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49f07196fdd2acc9b4c794d99ba1381c_JaffaCakes118
Size

61KB
MD5

49f07196fdd2acc9b4c794d99ba1381c
SHA1

933be36cb80d173be072db24ffdc4b1530dc94ec
SHA256

903b46624ec1001e5aed1b90fc625d1d817a1d531f5b1c8e66e9243eb031b1ec
SHA512

a67551ed4560a9b8c0dfb92d14a46c3fd8d8420a4a17b81cebddabb8afa8757080004044e97487ab5a7adbb09aafae0bd1b7314ade8baf4a4206a6e0f9468d97
SSDEEP

1536:4RrWBC+snkpmsTyoJkQgjmuX/PLew6BAUctekzeA:4YBC+skpzTyoJSmuXnLevmekze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49f07196fdd2acc9b4c794d99ba1381c_JaffaCakes118

Files

49f07196fdd2acc9b4c794d99ba1381c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6eff1ce8850799a0f9b1e390ae018bab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

ws2_32

htons

Exports

Exports

mod_start
mod_stop

Sections

.text
Size: 59KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE