Static task
static1
Behavioral task
behavioral1 Sample: 8959de5cd9faa346a0064e16fbbb5344_JaffaCakes118.dll - Resource: win7-20240705-en
Behavioral task
behavioral2 Sample: 8959de5cd9faa346a0064e16fbbb5344_JaffaCakes118.dll - Resource: win10v2004-20240802-en
General
Target: 8959de5cd9faa346a0064e16fbbb5344_JaffaCakes118
Size: 72KB
MD5: 8959de5cd9faa346a0064e16fbbb5344
SHA1: 5b81acb123626c2f0167f4632b80bc978b8365ef
SHA256: 5e6fc0116be2db1d6b2a779c0266b3f1aff1f7cb1bde4b9bfcbac1b0d8823179
SHA512: 521af1cff7250d7ee5aeebe66408702aea9981f091767e35db626ad8bd6d9400646beb958ba5bbcfb1bbdfdf468fbf819698de82ad8ed2acbc318431760a3efa
SSDEEP: 1536:ZiFPzZ1oF57zmTBEdCFD3GoWAAPUeY0DQjAaH:its7EF7APUeYayAM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8959de5cd9faa346a0064e16fbbb5344_JaffaCakes118
Files
8959de5cd9faa346a0064e16fbbb5344_JaffaCakes118.dll windows:4 windows x86 arch:x86
74928bafe9504b227cb0274bd48c2097
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetProcAddress
GetModuleHandleA
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
GetStartupInfoA
shlwapi
UrlCombineA
setupapi
SetupGetFieldCount
msvcrt
__setusermatherr
_onexit
__dllonexit
memcpy
_exit
_XcptFilter
_controlfp
_acmdln
__getmainargs
_initterm
exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 906B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ