8d9d18fe7facbebd372fbe9e5c7b220d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d9d18fe7facbebd372fbe9e5c7b220d_JaffaCakes118
Size

32KB
MD5

8d9d18fe7facbebd372fbe9e5c7b220d
SHA1

c6b226fef766f5ff3a0311722b22cfc31b1c0bed
SHA256

d2ae1badf76b22de66ddbb71d1699c6ee57284eeca1994b4e6095d696a1b142e
SHA512

414d432b901cb67a26ed3744fdea5c6061497c06c7e18f1a34f4b5b8420c48c46404261814c0be7c0a58994bf91f79d09f27a35a1924e86a528263d1cb63a587
SSDEEP

384:nI5p8qG3r6mllO6noVCmnGE54qLmDSQ9t09o5:nOwvmtwmGE5BLmm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d9d18fe7facbebd372fbe9e5c7b220d_JaffaCakes118

Files

8d9d18fe7facbebd372fbe9e5c7b220d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

acbefcc0a33c76e732a6ca02d7579f76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteFile
CreateFileA
CloseHandle
GetFileAttributesA
ReadFile
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetFileSize

user32

wsprintfA

Exports

Exports

ip_allocate_socket
ip_bind_port
ip_close
ip_connect
ip_gethostbyname
ip_gethostname
ip_getservbyname
ip_listen_port
ip_query_protocol
ip_receive_data
ip_release_socket
ip_retrieve_socket_data
ip_reverse_dns
ip_transfer_data

Sections

CODE
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ