bf078b4e5225d92c6d14030f90e5aa6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf078b4e5225d92c6d14030f90e5aa6e_JaffaCakes118
Size

7KB
MD5

bf078b4e5225d92c6d14030f90e5aa6e
SHA1

1ece40c75b9b79c843940fea9564975dd683fdc7
SHA256

1aa07ecdc32934096bbed49032369d745015faa37f4cf95964b7b5819c03063f
SHA512

733d6df5c3e9a0263e91c18343d45da371ab3b10f8f45ebee83681abf4030cfeef1c58c3e5db494e425cf7236acc8d43d855ecd030ca8f101ec791a5724b896f
SSDEEP

96:FtRrHcaqCEjZ2maWtk9GP3gzxIwpuu7qWDEXg7pafE1gX1m:XRaFj8mak8GP3gtIwp7G4H7cIglm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf078b4e5225d92c6d14030f90e5aa6e_JaffaCakes118

Files

bf078b4e5225d92c6d14030f90e5aa6e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

962bf5c50cb3ee8984a7dde61626cdf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadProcessMemory
GlobalLock
GlobalAlloc
Thread32Next
TerminateThread
GetThreadPriority
CloseHandle
GetProcAddress
GlobalFree
Thread32First
CreateToolhelp32Snapshot
GetPrivateProfileStringA
Sleep
VirtualProtectEx
WideCharToMultiByte
ExitProcess
GetModuleFileNameA
GetCurrentProcess
GetCurrentProcessId
GetModuleHandleA
CreateThread

user32

SetWindowsHookExA
CallNextHookEx

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

msvcrt

sprintf
_adjust_fdiv
malloc
_initterm
free
memset
memcpy
strcpy
strlen
_stricmp
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z

Exports

Exports

f1

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ