b98b9bee2ba6f26b3ea3653065c29f0d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b98b9bee2ba6f26b3ea3653065c29f0d_JaffaCakes118
Size

22KB
MD5

b98b9bee2ba6f26b3ea3653065c29f0d
SHA1

e09cb7729b4f4c28fabe29af7bdb674e17ba64c1
SHA256

59f91bcad745967bdfa01195043b036aa3edb8e5614373925ba99c5f5827c9e8
SHA512

a08bd0de2bb28537a1e29cd2e2348e59804001e9c69eef6651e745f4d330caa2ef1acbd368469bd7512a76168a5882cea346ae3bd66a887757e4482e602e54b5
SSDEEP

384:5ElEkWNdlFI2E8thK2GiOa6u0n4ycydMoLh5PSCzKUJ3btNEJI:5LbFI2E8jKta6u0nemVvPTa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b98b9bee2ba6f26b3ea3653065c29f0d_JaffaCakes118

Files

b98b9bee2ba6f26b3ea3653065c29f0d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5ea76fb51a3f4ea2b8ea7e5c9b289709

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

WSAStartup

msvcrt

_strdup

Exports

Exports

input

Sections

.text
Size: 17KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE