a5735936b44f5bb2bcc31b2ea6143e18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5735936b44f5bb2bcc31b2ea6143e18_JaffaCakes118
Size

24KB
MD5

a5735936b44f5bb2bcc31b2ea6143e18
SHA1

768d127d012961e1b11a96f3f450ca94d8cef86a
SHA256

c67a360b1a243b198bae9812349099c814d58d9323d9e2c9f0df9d9392c44b29
SHA512

d63538ea1e2971e7ca3a437d48054dea39dd560683d268482b70e6e58f8465c9f2ed9a4e27b894078acf1943c4e7c3bf96acf3a83a65bda8a34b12cf82ef98be
SSDEEP

192:5cAFtwdzm6U/IuBBQ6PRQkBpjL9ZRb3Ich15:L3M66juBBQARQkHPHRjIch1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5735936b44f5bb2bcc31b2ea6143e18_JaffaCakes118

Files

a5735936b44f5bb2bcc31b2ea6143e18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

498b5eca4414b8a52bd40812fbb1b006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
lstrcatA
lstrlenA
VirtualProtect
CreateThread
CloseHandle
GetModuleFileNameA

user32

SetWindowsHookExA
KillTimer
SetTimer
wsprintfA
UnhookWindowsHookEx
CallNextHookEx

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

ws2_32

gethostname

msvcrt

_adjust_fdiv
malloc
_initterm
free
strlen
strrchr

ntdll

_strlwr
_itoa

Exports

Exports

ServiceRouteEx
StartServiceEx
StopServiceEx

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ