be971fa3e735ce3628abe4495976c026_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be971fa3e735ce3628abe4495976c026_JaffaCakes118
Size

21KB
MD5

be971fa3e735ce3628abe4495976c026
SHA1

fe015a89112f4ceee54db3287e0803605a846cd8
SHA256

4555524e370c5ff0a54ae5329ab908072f4b1d99132d36ec45d029e167af3633
SHA512

0a5e99720c147fada8495163eca81c4ead667cbd5586107133b30a993db9de46cda0dffbdd93052dc428118f17364e2a17e9d57d18de8dabc33506084c5441a5
SSDEEP

384:32yQ3o+0Fm25ODWXpWsN3egE34wIY423Xc8fsfx:3HQ3V2ADWgsQgEDb42Cx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be971fa3e735ce3628abe4495976c026_JaffaCakes118

Files

be971fa3e735ce3628abe4495976c026_JaffaCakes118
.dll windows:4 windows x86 arch:x86

87615e807098ddbf24a93127f0381eef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
CloseHandle
lstrlenA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

wininet

InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA

Exports

Exports

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ