bb0707c14523945e2e76117c6abd38d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb0707c14523945e2e76117c6abd38d9_JaffaCakes118
Size

134KB
MD5

bb0707c14523945e2e76117c6abd38d9
SHA1

f945f2bde0d62b4bd01feac10c7d116c7f6f9170
SHA256

59e5e6fc5cb657c43cb9b7c326fd572853465b7a4e5c3dd331743189a2007e8f
SHA512

f6e8caaf64d220cac89916f30a81915808281aae60ae9412107369d4f2b1f0022378a72a2ed486b5c51e412e0018cecbe720c83c68f1aab2890cf9b0cdd33e5f
SSDEEP

3072:K4BZPXVqW0Cg108Lk/LD+4y/qylYeog2EBafuqNVaeu4:KUZNb0CY0uKLC5/DOKa5WeF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb0707c14523945e2e76117c6abd38d9_JaffaCakes118

Files

bb0707c14523945e2e76117c6abd38d9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1a64df3cb0103fe648f7b56dc0082852

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

SetWindowTextA

msvcr80

??2@YAPAXI@Z

ws2_32

closesocket

Sections

.text
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NSF0
Size: - Virtual size: 986B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NSF1
Size: - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NSF2
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ