4c5709ea7d1a2589bf93a580313dbebb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c5709ea7d1a2589bf93a580313dbebb_JaffaCakes118
Size

40KB
MD5

4c5709ea7d1a2589bf93a580313dbebb
SHA1

997924410a9de3b27221a1cbfee1f9e1ba41d6e1
SHA256

b97a160162c4680ddb273de490134bd5d6322c12cfaa770e66c1e62843b0cfee
SHA512

5f522c81254e9faef2f38b7fc3558080ff6502f0b483ffab44cd7a845a02400ffaa149db7647ec19299d5f0a8252d3a264261b8ac3a987754040b07b8bf58527
SSDEEP

768:u3MiMIbaPc2NsPKlNVArw+FAOVvmY5c6FwRoJMdDRpnhs:uMIbmkMNVP+FAuvm4wemf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c5709ea7d1a2589bf93a580313dbebb_JaffaCakes118

Files

4c5709ea7d1a2589bf93a580313dbebb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5544a558178895c012502baa823128b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

connect

advapi32

SetSecurityDescriptorDacl

Exports

Exports

input

Sections

.text
Size: 35KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE