c1376045a62534625c49d696207fec62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1376045a62534625c49d696207fec62_JaffaCakes118
Size

21KB
MD5

c1376045a62534625c49d696207fec62
SHA1

7e9649544ef1c3ce58b3eb422568b0792c5c06c9
SHA256

1c69186a81a2b2398d9ddd4afdc7648928178699ea5abeb82a2eb2004e887974
SHA512

7f495699f1edc04b6a4498483e3882e1c0aa569c6c06d7a259169c38e3c98d4ec72afbeb3f94eb485f583fdc28c85062f156180f2b91f796ad6987fe6794981e
SSDEEP

384:HO2AnrchqaOxURJaGMrOpTfAWyQY9uuY42g4dv8mr3GfsS:Hxkwh3OK+WySd42gmDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1376045a62534625c49d696207fec62_JaffaCakes118

Files

c1376045a62534625c49d696207fec62_JaffaCakes118
.dll windows:4 windows x86 arch:x86

100045825917be9b5ef6695e46f922db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
CloseHandle
lstrlenA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateMutexA
ExitThread
CreateThread
DisableThreadLibraryCalls

wininet

InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA

Exports

Exports

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ