abd438aaf14eadf17d51853dcfbd8737_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abd438aaf14eadf17d51853dcfbd8737_JaffaCakes118
Size

50KB
MD5

abd438aaf14eadf17d51853dcfbd8737
SHA1

e7ffadfe42ac8022fc81e63486c2660767832025
SHA256

930cf1fa2b8be159f203ccab3de1f72c539d8d11f013886be8a94ca99f6bb6d0
SHA512

3f2397aa6a149768dc9c15ab327ec568bd53acab8699f86b9d3b4181bcbd0b6acd680467554655e77e59db9496b15830f6a66384c8e5cd767e6d38e917da31ba
SSDEEP

384:bAEpMS7v1OiXpJl9PjcoME9IRB4et4BvXZuVlMcCIvW01:bAEdv1OiXpr9Pjco99IRB4VvXZyl/v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abd438aaf14eadf17d51853dcfbd8737_JaffaCakes118

Files

abd438aaf14eadf17d51853dcfbd8737_JaffaCakes118
.dll windows:1 windows x86 arch:x86

18beb1320328472840b3ca0e604b22e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetEnvironmentStringsA
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetStartupInfoA
GetSystemTime
OpenEventA
CreateEventA
PeekNamedPipe
CreateFileA
ReadFile
RtlUnwind
SetEvent
SetFilePointer
Sleep
TerminateProcess
TerminateThread
CreatePipe
CreateProcessA
WaitForSingleObject
CreateThread

crtdll

_fdopen
_open_osfhandle
_stricmp
atoi
atol
fclose
_cexit
malloc
memset
printf
raise
setbuf
sprintf
strcat
strcpy
strncpy
strrchr
strstr
strtok

ws2_32

htons
listen
recv
select
accept
send
shutdown
socket
bind
closesocket
WSAStartup
WSACleanup
htonl

Exports

Exports

GetPluginInfo
LibMain
PluginFunc

Sections

text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

usrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE