d64e1475984fc4f17741141029bf76a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d64e1475984fc4f17741141029bf76a5_JaffaCakes118
Size

3KB
MD5

d64e1475984fc4f17741141029bf76a5
SHA1

6445d8c723e05c709aeca45523ebbfeddebd23bc
SHA256

f46488bc33c78670d8323be1369cc5ded928e7454d5ee5e617d7f72f3019ffdb
SHA512

74ed4fe37e4e8292e28e0df63099d234efd7a478650a5b45a409e51d51d121f45010cc05c1ad7f1103453b1716aea96523e7566b9587cb13fccb592265f58f0d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d64e1475984fc4f17741141029bf76a5_JaffaCakes118

Files

d64e1475984fc4f17741141029bf76a5_JaffaCakes118
.dll windows:1 windows x86 arch:x86

7fbbe830a818b05c5b0397d92b69c59e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetModuleFileNameA
LocalAlloc
Sleep
VirtualProtect
lstrlenA
lstrlenW

user32

CallWindowProcA
CreateDialogParamW
SetWindowLongA
SetWindowTextW
ShowWindow

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

wsock32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
ntohs
send
socket

wininet

InternetConnectA
InternetOpenUrlA

Exports

Exports

Hooks

Sections

.code
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE