7819039e9cfc28f17ece081849b57755_JaffaCakes118 | Triage

Sharing

General

Target

7819039e9cfc28f17ece081849b57755_JaffaCakes118
Size

21KB
MD5

7819039e9cfc28f17ece081849b57755
SHA1

a58a92587a579b2cf604964d71ee90b0de481329
SHA256

05017b048f1ea110cad8c4acb09c8d1267f5b21ea4eb94ca2b4ed14fc742546f
SHA512

95cd86b55b2c86edf0681c8c42541f3aacc525dab36402d8c6961ad7ab8eba20b4c53cb47431c733f198b0f0711e4648ee938180bd06eb7a2358b6100c4a99b5
SSDEEP

384:zbbb0Uwt2u8gTZh4mLhs7ez8cs03fU8YZf2W4v5Z8mafsN:fbwtk86Izzzs03/YV2WAV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7819039e9cfc28f17ece081849b57755_JaffaCakes118

Files

7819039e9cfc28f17ece081849b57755_JaffaCakes118
.dll windows:4 windows x86 arch:x86

edf2c3858e83a6bbc40c4ff42206081e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
lstrlenA
Sleep
GlobalAlloc
GetLastError
CloseHandle
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetTickCount
lstrcmpiA
lstrcatA
CreateMutexA
ExitThread
CreateThread
DisableThreadLibraryCalls

wininet

InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA

Exports

Exports

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ