Static task: static1
Behavioral task: behavioral1
Sample: 6f7b6e65d1864bed3efb4432e13b56c4_JaffaCakes118.dll
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 6f7b6e65d1864bed3efb4432e13b56c4_JaffaCakes118.dll
Resource: win10v2004-20240709-en
General
Target: 6f7b6e65d1864bed3efb4432e13b56c4_JaffaCakes118
Size: 5KB
MD5: 6f7b6e65d1864bed3efb4432e13b56c4
SHA1: 8f32beb773e375b5665128f0680e3d82df312492
SHA256: d45f8af90ccc700941e9a1cebb14d32a1b3a883b5f5083be97ed9d9a95c1777b
SHA512: 8557a10322c4798c118d8d43adfcbdbad22ced37ac241deece997e19bbeab9263eb01432b9e1436ca0058eab67abb700e603e3a7fea161023a6345c09c11cbae
SSDEEP: 96:5h32yvDU4bJPJTsT2W6a5BidugOw2OLI12WFJ/sZU0V:zDhJhsnzH/9t5Tz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6f7b6e65d1864bed3efb4432e13b56c4_JaffaCakes118
Files
6f7b6e65d1864bed3efb4432e13b56c4_JaffaCakes118.dll windows:4 windows x86 arch:x86
02f80b5188cca915be1d9e1c54c6a0c6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
GetDlgItemTextA
SetWindowLongA
CallWindowProcA
GetWindowLongA
UnhookWinEvent
SetWinEventHook
kernel32
GetModuleFileNameA
CreateFileA
CloseHandle
VirtualAlloc
FreeLibrary
DeleteFileA
ExitThread
CreateThread
DeviceIoControl
GetComputerNameA
GetWindowsDirectoryA
GetDriveTypeA
GetVolumeInformationA
Sleep
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
LoadLibraryA
IsBadReadPtr
advapi32
GetUserNameA
GetCurrentHwProfileA
crypt32
CryptQueryObject
wininet
InternetGetConnectedState
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
ws2_32
gethostname
gethostbyname
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE