8715b78ed134d31f19db0b383e2bd8cc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8715b78ed134d31f19db0b383e2bd8cc_JaffaCakes118
Size

19KB
MD5

8715b78ed134d31f19db0b383e2bd8cc
SHA1

4425fa4e19c1d65cd85d3c6cf3dcf8c12738b7af
SHA256

7080adb9b3c2f6720aeb8c221241a71638b688c62e83352822592287c3530c8a
SHA512

e85250c3a9bc38ea14b3b5485e3718285ffdae1efc89d8376a19737e74e0132245d9bc471c58e6d2c4422a06cd4601a85498cca44fa6e05ab85deb54cd88a394
SSDEEP

384:60EvQ719b1GU6MIo6lfIdYbshRJcMhfIb93ri93VLZVrXt5ZhNbVnJRYN:vEv+1B1uboWfIqORJVfzYN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8715b78ed134d31f19db0b383e2bd8cc_JaffaCakes118

Files

8715b78ed134d31f19db0b383e2bd8cc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

62cb3f2f6023e75118857e77bbc17e44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GlobalAlloc
GetLastError
GetTickCount
CloseHandle
lstrcmpA
lstrlenA
GlobalFree
SetFilePointer
CreateMutexA
ExitThread
lstrcatA
CreateThread
DisableThreadLibraryCalls
VirtualProtect
GetModuleHandleA
lstrcmpiA
GetModuleFileNameA
Sleep

user32

wsprintfA

advapi32

GetUserNameA

wininet

HttpSendRequestA
HttpQueryInfoA
InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetConnectA

Exports

Exports

DllCanUnloadNow

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ