81eef90d609f257bd8825bb7e53c40c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81eef90d609f257bd8825bb7e53c40c1_JaffaCakes118
Size

24KB
MD5

81eef90d609f257bd8825bb7e53c40c1
SHA1

65d15eb8e3cdfb8d2f2ec9d086bce0dbd8b32607
SHA256

7e28b5bb01f0c20788284a1b2b0ffa1ce0d1fa557b7b5a91cb17195c3d6594b7
SHA512

47cb0080964877b589be9d12cd7c46394e5f30d6b05095decd737ac52af8564aca15b67e80a2821183502c0a67a24e2397907eda34de2e8213754eed178fe4dc
SSDEEP

192:I+VE/+usB2NbfDOoeEqmVG+kCLOaOOq/v1:I+VE/+usB2NjTeEqmVGx+OaHq/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81eef90d609f257bd8825bb7e53c40c1_JaffaCakes118

Files

81eef90d609f257bd8825bb7e53c40c1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d18a6ce9c1d72d50559fe118c0b2188a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libapr-1

_apr_pool_destroy@4
_apr_pool_create_ex@16
_apr_pstrmemdup@12
_apr_pstrdup@8
apr_pstrcat
_apr_pool_clear@4
_apr_table_unset@8
_apr_array_make@12
_apr_array_append@12
_apr_palloc@8
_apr_array_push@4

libaprutil-1

apr_bucket_type_eos
_apr_bucket_flush_create@4
_apr_strmatch_precompile@12
_apr_brigade_create@8
_apr_brigade_pflatten@16
_apr_brigade_cleanup@4
_apr_bucket_transient_create@12

libhttpd

_ap_regexec@20
_ap_pregsub@20
_ap_pass_brigade@8
_ap_save_brigade@16
_ap_register_output_filter@16
_ap_pregcomp@12

msvcrt

free
_initterm
_adjust_fdiv
memchr
malloc
tolower

kernel32

DisableThreadLibraryCalls

Exports

Exports

substitute_module

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ