8373c9dacb1d437602a6dd5b60abfa5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8373c9dacb1d437602a6dd5b60abfa5d_JaffaCakes118
Size

15KB
MD5

8373c9dacb1d437602a6dd5b60abfa5d
SHA1

27d08c3886ce0091ef072146efdc6806cff51961
SHA256

ec6ca182baebd81b2ca1bc1e748e9bdd3383076abbc3c7b9e76c7910f9c26d29
SHA512

f24e3919b7df0ff0fb1a35efb325e03f2d66a5062dcdbcaaaa27b6a60ee30508ac1cf4bcb7802d2fc025ee5652d91c8f12dad5dd1e826ab647c0d3da6e65c683
SSDEEP

192:REenpNXmbhwHCXCA3Ml1bCIEIoJPd5WaaM2BvkCOg:RVnpNXm1XCyscIjoJuaB2vnO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8373c9dacb1d437602a6dd5b60abfa5d_JaffaCakes118

Files

8373c9dacb1d437602a6dd5b60abfa5d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8749f6f6688edb55fbd83c1f6659aeb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
GetProcessHeaps
CreateThread

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

ws2_32

WSAStartup
closesocket
connect
gethostbyname
recv
send
setsockopt
shutdown
socket

Exports

Exports

xromnop

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA