b473d15570eeb12206dab6ea9a345526_JaffaCakes118 | Triage

Sharing

General

Target

b473d15570eeb12206dab6ea9a345526_JaffaCakes118
Size

17KB
MD5

b473d15570eeb12206dab6ea9a345526
SHA1

65a6961a675636d0b2eae0270f61f4c786d80c25
SHA256

516a0a49cdb88b46293b28ab5a64dc3b1f7615cd6803d0a85f15c7e57480bbc3
SHA512

a912b7116de88204e902aabfe7f3bee9fa512c035dbd78838f43e5ff52c0e3dfda4614b5fff976d3fb0114a0fe760ed6e0244f861dd604045fb0288881eedcb8
SSDEEP

384:Z4P9oeN42IMzomTiwbUHP9lK7GlVzstINIaPbnFw:eP9/NrIM1lUHP9AGlVItIuaPbn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b473d15570eeb12206dab6ea9a345526_JaffaCakes118

Files

b473d15570eeb12206dab6ea9a345526_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cb83f9548b3e4e0ff187b9f365792d98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

connect

advapi32

InitializeSecurityDescriptor

msvcrt

sprintf

Exports

Exports

input

Sections

.text
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE