c0cbddc7d96de10ebb8a9466c2348f31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0cbddc7d96de10ebb8a9466c2348f31_JaffaCakes118
Size

120KB
MD5

c0cbddc7d96de10ebb8a9466c2348f31
SHA1

725571bf8d5d0d7a221bb53a0230dcfaf7911853
SHA256

5ea938e343ac13f1d4510795294b7c749548db4b160c500f752964758b90ab6f
SHA512

b1970faecbad5358ee5b091e1b79afa44840d30efaaf3c8a0d579edcb611e74765107bb1068b78d38eec44093832d5f75df16fb5ce215317d144534ad2db6642
SSDEEP

3072:rbdN1QHNCLVtDBB4WZFd5/yCzwnMGBZw1FB8:NN1IIdWW15KEwM3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0cbddc7d96de10ebb8a9466c2348f31_JaffaCakes118

Files

c0cbddc7d96de10ebb8a9466c2348f31_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b6d583734f0ef3492f75162f57d3b987

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Beep
GetTickCount
SetFilePointer
GetProcessVersion
GetMailslotInfo
GetConsoleCP
DuplicateHandle
CreateFileMappingA
WriteFile
ReadFile
CreateFileA
DeleteFileA
HeapAlloc
GetProcessHeap
HeapFree

msvcrt

_except_handler3
memcpy

mprapi

MprConfigServerGetInfo
MprConfigServerDisconnect

netapi32

NetApiBufferSize
NetApiBufferAllocate
NetApiBufferFree
NetServerGetInfo

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ