62296a4f319d3384d3678e308a64fb97_JaffaCakes118 | Triage

Sharing

General

Target

62296a4f319d3384d3678e308a64fb97_JaffaCakes118
Size

212KB
MD5

62296a4f319d3384d3678e308a64fb97
SHA1

3847ffb11362e61af9fbfe62bb62a5b72687c009
SHA256

1808870bf0e008280a5f487f710afb0bedb7442a2bb694ae5ec4706fbd9c08cd
SHA512

0a6b04ce2c35c6dc507181373bd6228530059be5357e4f177e43486e6ff789234dfca9c70858cf42d3c31b748e393fcdd6604539972a172ccd2d4e54fd41106c
SSDEEP

3072:TxXRXyGQvWPn4ODN4WfRIAAVkvdRReRMb2YK5DcIWDRbABbeVArXgOw++0OYurAG:pRCo4ODmWfOda7wRMb2YKjByOrfwqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62296a4f319d3384d3678e308a64fb97_JaffaCakes118

Files

62296a4f319d3384d3678e308a64fb97_JaffaCakes118
.dll windows:4 windows x86 arch:x86

391813bdb013a66c7dbc627daa97feb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

SetWindowTextA
MessageBoxA

ws2_32

closesocket

Sections

.text
Size: - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e20
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.e21
Size: - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e22
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ