d0a0379c53351045d5534cd7145e4cfd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0a0379c53351045d5534cd7145e4cfd_JaffaCakes118
Size

707KB
MD5

d0a0379c53351045d5534cd7145e4cfd
SHA1

f9c4b65491ed64d32e1d46eb7f989f018f877689
SHA256

86d8080e61bffd15268ae4909ff2b8ab60cb9fb6f1ab9da0e14b194d6cdd1705
SHA512

f95d00b43e89c21bbc0c02062b54479d4c9e7c152e42ec831c140621fc877ee618bd278904bdaf9cb11d74adcf82298516df1760ed2688516055891f5ed5be56
SSDEEP

12288:BPXp/dwTcjhyLiPz89h7orsVe/tYQo5EkBhsKA8uCvJRyN3gNWAYWU/MhEO8iQQy:R5KctpEJWYQKEkPsXsJRyBjvOXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0a0379c53351045d5534cd7145e4cfd_JaffaCakes118

Files

d0a0379c53351045d5534cd7145e4cfd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

54fbe6f81bcc702c496c5acc8f03c59d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetACP

advapi32

RegCloseKey

iphlpapi

GetAdaptersInfo

dhcpcsvc

DhcpCApiCleanup

psapi

EnumDeviceDrivers

Exports

Exports

vli_get_version
vli_init
vli_shutdown

Sections

.sect0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sect2
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.protext
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.prodata
Size: 684KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE