61f194f98ae57dd5b241d17d2367ff4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61f194f98ae57dd5b241d17d2367ff4e_JaffaCakes118
Size

7KB
MD5

61f194f98ae57dd5b241d17d2367ff4e
SHA1

ef2eba60fcfe52d7716454a4a451a893d69a6138
SHA256

aefac839232b722c1e6b0fb77b078b5291a6f5986c887c16d2b20b460a148dc6
SHA512

421ee40635111e412fc6ef256eb457e3b9ed58f858baa083d0ffc6cc5119183913c6480f4d8e093454572cc067fd1c11bbc97ba629deb2960686d50b1cdc4075
SSDEEP

96:UvQvIXgcXKnxYsKR6rbkZ1aygzdV0Ah1LmA3YQ5+kgtO2jk2NKFn:YRXfanRKRGWpgzdV06gKKFHNKFn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61f194f98ae57dd5b241d17d2367ff4e_JaffaCakes118

Files

61f194f98ae57dd5b241d17d2367ff4e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2dabf80efecea0dd8461e070e124bd1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
lstrlenA
CloseHandle
GetLastError
HeapAlloc
SetFilePointer
CreateFileA
GetModuleFileNameA
HeapFree
GlobalAlloc
ReadFile
lstrcpynA

user32

wsprintfA
CharLowerBuffA

advapi32

RegCloseKey
RegOpenKeyA
RegEnumValueA

wininet

FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetCrackUrlA

Exports

Exports

CheckIEHistory
GetVerID

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ