db21c80ef9d5f07d667adc0b75e2acbb_JaffaCakes118 | Triage

Sharing

General

Target

db21c80ef9d5f07d667adc0b75e2acbb_JaffaCakes118
Size

8KB
MD5

db21c80ef9d5f07d667adc0b75e2acbb
SHA1

30068edbace3349ea05e1680de948dd114af1a5e
SHA256

c7af10254c40dad70ea83dbe4e9e9a5b8d2d4df6eff8c80f223f0a875aa35feb
SHA512

242a0d6ac51a1c7dc63004505ff3b6dd7126f2e66876fbcfb2dd9cb666b2545c5d9f0adab7440f876471840612f3857684d409e63b95f159abdc81969e54c1fe
SSDEEP

96:d8s4t4sGYPwkuQR0gHZElANcH03n8/MrLSO0eEupVSz7Hw+6Edt4seBamfg:Ks4twtbkgAWN/aSO0KpUz7QxotMxg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db21c80ef9d5f07d667adc0b75e2acbb_JaffaCakes118

Files

db21c80ef9d5f07d667adc0b75e2acbb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b14672f90a574ac6b19299359279a777

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GlobalAlloc
GlobalFree
Sleep
LoadLibraryExA
FreeLibrary
GetProcAddress
LoadLibraryA
ExitProcess

user32

wsprintfA
LoadStringA

wininet

InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile

ws2_32

bind
listen
WSAStartup
accept
WSACleanup
inet_addr
gethostbyname
socket
send
connect
closesocket
htons
recv
shutdown

msvcrt

_adjust_fdiv
malloc
_initterm
free
_ftol
time
strcat
memcpy

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 720B - Virtual size: 716B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 336B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ