8599408c1b5a2c30bfaa83af84de38af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8599408c1b5a2c30bfaa83af84de38af_JaffaCakes118
Size

11KB
MD5

8599408c1b5a2c30bfaa83af84de38af
SHA1

77f570edbc25b48a7c236bef8efa79690e495710
SHA256

e3b44edd6d1f15d00a7ca9434d5fa6c6f897612b5d47fe8df9c94fc4de1e71f2
SHA512

0b87ff84eb71a628907c9529eb812cf3385ff8af410ac52ff57e3ffddf3e52ae5509ad186709cc3a599a652f74c68a6bae2edcf50d0ef96f6e41aa2a1db0eb28
SSDEEP

192:3zlzArGSbPaubKGo75Fu58ru0WGQeg0sSk+bTn95r5VnU:3zlzAzau+1Fu0Zg03brlVnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8599408c1b5a2c30bfaa83af84de38af_JaffaCakes118

Files

8599408c1b5a2c30bfaa83af84de38af_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d0f82e245896a779e7cb80a4c5c1c5a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetTickCount
GetVolumeInformationA
GlobalAlloc
GlobalFree
SetEvent
Sleep
Thread32First
GetCurrentThreadId
WaitForSingleObject
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
LoadLibraryA
GetLocalTime
GetCurrentProcessId
GetCurrentProcess
CreateToolhelp32Snapshot
CloseHandle
CreateThread
CreateEventA
CompareStringA
Thread32Next

shlwapi

StrChrA
StrCmpNA
StrNCatA
StrStrA
StrStrIA
StrToIntA
StrRChrA

ws2_32

select
sendto
gethostbyname
WSAStartup
socket
send
recv
inet_addr
htons
connect
closesocket

user32

SetWindowsHookExA
CallNextHookEx
wsprintfA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

dnsapi

DnsQuery_A

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ