4a7c93cdc17dfc8fed849b57cdc8ce88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a7c93cdc17dfc8fed849b57cdc8ce88_JaffaCakes118
Size

21KB
MD5

4a7c93cdc17dfc8fed849b57cdc8ce88
SHA1

fed75d29b66c84d21419b8fa5cbc32b83ba19c7b
SHA256

0b247ac5dcc83afb6b9536e56c5206e2494da8487b5adb191ddb9fcb93504c4a
SHA512

f1d807be13068a0d91f2aa6cb8696a1424f16deb15e2319f5c1d269003ac7781325e6bbbdb3c9def6140d770407090ca56029029798f61ac20959b4b773bbd1d
SSDEEP

384:TPHF/+wmW0GQ4S8bljuVMGkDAxRGo5B/CtutnX7wR8:TEV4S8BjRGk0vG+IsQ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a7c93cdc17dfc8fed849b57cdc8ce88_JaffaCakes118

Files

4a7c93cdc17dfc8fed849b57cdc8ce88_JaffaCakes118
.dll windows:4 windows x86 arch:x86

15d8a76645fbef70664804252ed07763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSCEnumProtocols
WSCGetProviderPath

kernel32

HeapAlloc
HeapFree
ExpandEnvironmentStringsA
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
HeapDestroy
HeapCreate
GetLastError
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CreateMutexW
VirtualQuery
WaitForSingleObject
WriteFile
CreateFileW
DeleteCriticalSection
ReleaseMutex
CloseHandle
IsDebuggerPresent
GetVersionExA
ExpandEnvironmentStringsW
FreeLibrary
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA

Exports

Exports

GetLspGuid
WSPStartup

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ