b034c5a4d25017a4709dabef2b58e5cb_JaffaCakes118 | Triage

Sharing

General

Target

b034c5a4d25017a4709dabef2b58e5cb_JaffaCakes118
Size

17KB
MD5

b034c5a4d25017a4709dabef2b58e5cb
SHA1

8d927d45c4c66055e5d6e796f3aae9a0baf2e268
SHA256

3a092179e5698374f4d688ede40a84a1b7fa3220f8b266f1edf143e554d6446a
SHA512

20625cbdea9507e6bbfe4954e329a356d906d8243ba0a1170d14f8a9ab745b7dd8fc5695f4f23e42977e85122834dc57c0d02a2f8c427013dd605c90a7e77976
SSDEEP

192:777fp8z9YOrmPWFWoIk/+dUOjCVpOTn4mZE1eK5X141MRv4IsWnFBjWscLf9Ql+H:TWZm+FuPiS4ma1eKfWIDj8GAFfZN9Vm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b034c5a4d25017a4709dabef2b58e5cb_JaffaCakes118

Files

b034c5a4d25017a4709dabef2b58e5cb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

784f03a02de83e6b0e80793dcc1d4f2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

advapi32

InitializeSecurityDescriptor

msvcrt

fopen

Exports

Exports

input

Sections

.text
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE