c19bf16b67a5a6a52faf89e5f9846e1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c19bf16b67a5a6a52faf89e5f9846e1c_JaffaCakes118
Size

101KB
MD5

c19bf16b67a5a6a52faf89e5f9846e1c
SHA1

12e90b981bf7eba6200a0bffaa3dc20e07ce47cc
SHA256

439a27fc6b8c724bb0bdc23bdefa3f9aabe167ecc023ffe35390fc39bb4a20ab
SHA512

2b8374621ebc54c35c8223e5ca8e398d980df4b88375098ad7b7772afe9931824c2ac6c4ddaf9176871c249d0a1781f4bb35b952c22ce80d6454b504e63bc5df
SSDEEP

1536:hFTOr0b12OI8dcg+imtP17KTspE764ZY:mIq8SntpKIpCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c19bf16b67a5a6a52faf89e5f9846e1c_JaffaCakes118

Files

c19bf16b67a5a6a52faf89e5f9846e1c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cb0ed5229c37274ece18c39f80ceeafc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegOpenKeyA

gdi32

DeleteDC

ole32

CoCreateGuid

oleaut32

VariantClear

rasapi32

RasEnumEntriesA

shlwapi

StrDupA

user32

GetDC

wininet

InternetOpenA

wsock32

send

Exports

Exports

DLLGetClassObject
Init
InitA
InitW
Logon
ch
ss

Sections

.text
Size: 48KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE