bb040f3b349e9011d55833120035c969_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb040f3b349e9011d55833120035c969_JaffaCakes118
Size

45KB
MD5

bb040f3b349e9011d55833120035c969
SHA1

110c1f48765bcd3adf8a74887f4d2d2e2d7f7e30
SHA256

886595516b7988b0ab1e34a2ee7e84a57a5123da45a785a028ac07295898c647
SHA512

18f643f8afeb97faea8151023b38c2ed62d5e12fcbb998c6aea77676cbc90e8e471f675261478ef8048d6c8e3a29508a42b8639ea9ead299c1289db7c52125d4
SSDEEP

768:j57nbKV6v8acIXpgcf/zvXPp5Puhcygk4gdl8FB7S7uKx3LdnnbH91z:jpnmipv/N5m4gdOFBT+3xbdl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb040f3b349e9011d55833120035c969_JaffaCakes118

Files

bb040f3b349e9011d55833120035c969_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5544a558178895c012502baa823128b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

connect

advapi32

SetSecurityDescriptorDacl

Exports

Exports

start

Sections

.text
Size: 39KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE