bebff92fb6c06f1fa9de6d8e225f0a3c_JaffaCakes118 | Triage

Sharing

General

Target

bebff92fb6c06f1fa9de6d8e225f0a3c_JaffaCakes118
Size

11KB
MD5

bebff92fb6c06f1fa9de6d8e225f0a3c
SHA1

4c7d6ec5dbba8537577330d4c87e06ce44f51170
SHA256

e3d71144063fc6e6a6612eeb0bee6972b5db61f58f9951848db8dd4619549780
SHA512

46b3619c49e6b3386edb981bfddf7a6b5e369f33648d9131ba02184b73aacb9e6732f3a17ff439ca426ee95b97416cdab1f785e1cd42dab6b9ae979ca48f97e5
SSDEEP

192:R84Zto+IlnoCogppHiCrWJFutoW0t9oEe5LCA/4OQ2LG4OQ1L1k8LNxQE+:RglkUHIJOU9e/42G4XBk8Z6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bebff92fb6c06f1fa9de6d8e225f0a3c_JaffaCakes118

Files

bebff92fb6c06f1fa9de6d8e225f0a3c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71bbf9d6bc0978e2f35bf1272a3f36a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

ws2_32

socket
send
ioctlsocket
bind
listen
accept
gethostbyname
connect
__WSAFDIsSet
closesocket
recv
select
htons
WSAGetLastError
WSAStartup

msvcrt

strncpy
_except_handler3
strncmp
exit
sprintf
rand
srand
free
_initterm
malloc
_adjust_fdiv

kernel32

GetTickCount
OpenMutexA
CloseHandle
CreateMutexA
Sleep
CreateThread

user32

SetTimer
GetMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
RegisterClassA
CreateWindowExA
PostQuitMessage
DestroyWindow
KillTimer
wsprintfA

advapi32

OpenSCManagerA
OpenServiceA
ControlService
DeleteService
CloseServiceHandle
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

_DllMain@12
load

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ