8338031d4a440cc50556f5fe882b305e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8338031d4a440cc50556f5fe882b305e_JaffaCakes118
Size

12KB
MD5

8338031d4a440cc50556f5fe882b305e
SHA1

bbd87aa04dfb4d71e5f0256e36ceaa3127e0c0ee
SHA256

d3482b90209b326a411a797dc91ad9b3e487137f47457c52ff1f57a380252bd3
SHA512

997e31be87880ad27c3ce7dead9002e6c09bcc9d5336acd9607e74888d7a11af6f63ce03b1747a09a7088f070345f1df4cb9c3167bbe3eee88c919e9bad44a5c
SSDEEP

192:dgQ2P7NYxAbwkJe0Ms3jnayW1UrAjavg5U/+XrjbW:yQQWxhkQ0MijayW1UrAjavmUG7j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8338031d4a440cc50556f5fe882b305e_JaffaCakes118

Files

8338031d4a440cc50556f5fe882b305e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2cde2a8775fae6c6d0c43d21fb2ad166

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharLowerA
wsprintfA

kernel32

CreateFileA
CreateProcessA
CreateRemoteThread
CreateThread
CreateToolhelp32Snapshot
DeviceIoControl
ExitThread
GetFileSize
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GlobalAddAtomA
GlobalFindAtomA
HeapAlloc
CreateEventA
OpenProcess
Process32First
Process32Next
RtlZeroMemory
Sleep
TerminateThread
VirtualAllocEx
CloseHandle
VirtualProtectEx
WaitForSingleObject
WriteProcessMemory
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
LoadLibraryA
VirtualFreeEx

advapi32

RegSetValueExA
RegOpenKeyExA
RegNotifyChangeKeyValue
RegCloseKey

wininet

InternetCloseHandle
InternetConnectA
InternetReadFile
HttpSendRequestA

ws2_32

connect
gethostbyname
recv
send
socket

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 702B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ