b43e646a2174d121c89720ee9f20d819_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b43e646a2174d121c89720ee9f20d819_JaffaCakes118
Size

21KB
MD5

b43e646a2174d121c89720ee9f20d819
SHA1

fefe364da72daa2451505a3e72f4a269097c6e33
SHA256

a8f75458b15f97600b56fb1417185af4a8906e6a57540156dfd16d0506042955
SHA512

0214b19e4d599b787385a1c6bae34875eac34f48d722f2f4f72b127b4f358b705964cc6adf5cea704860b276e9baa5069937a6c93d8185c20e57a4f49c97c425
SSDEEP

384:P6O7+OFS4XIsJyQks1+Z5ixZPbSYvnTTkSCbSWw3BR8:Ph7+b4X7h1+TIZzSY7gSCbRw3r8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b43e646a2174d121c89720ee9f20d819_JaffaCakes118

Files

b43e646a2174d121c89720ee9f20d819_JaffaCakes118
.dll windows:4 windows x86 arch:x86

15d8a76645fbef70664804252ed07763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSCEnumProtocols
WSCGetProviderPath

kernel32

HeapAlloc
HeapFree
ExpandEnvironmentStringsA
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
HeapDestroy
HeapCreate
GetLastError
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CreateMutexW
VirtualQuery
WaitForSingleObject
WriteFile
CreateFileW
DeleteCriticalSection
ReleaseMutex
CloseHandle
IsDebuggerPresent
GetVersionExA
ExpandEnvironmentStringsW
FreeLibrary
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA

Exports

Exports

GetLspGuid
WSPStartup

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ