dc473b9a1983dc1a86681d9ee7a828c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc473b9a1983dc1a86681d9ee7a828c5_JaffaCakes118
Size

128KB
MD5

dc473b9a1983dc1a86681d9ee7a828c5
SHA1

1074ce21086550e409e66d504b9edec5d8174128
SHA256

d651f9aa3890bebc972651b36e7b999bb8f733218c1c0ac0a7d6514d1b13e7f6
SHA512

f84aa69b282c77fb467c67f3e352ca818de79e50b7c53e66e3aa4a14ad5e9cf80c733defa2bf923c496e0bc504925675f8fc5a350466cc35aa5008ddebc8e10d
SSDEEP

3072:fHzMXuLOglJ4m9fC6+pYOcdrhiMJOlRzUr/xK4PTn/7:QXfk48fCzWDiMJkRAr/x7/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc473b9a1983dc1a86681d9ee7a828c5_JaffaCakes118

Files

dc473b9a1983dc1a86681d9ee7a828c5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bf9263b8d7424bfca2a224001d80bcc2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ipsearch

_GetAddress

mfc42

ord1775

msvcrt

free

kernel32

LocalFree
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

PostMessageA

gdi32

GetStockObject

ws2_32

inet_ntoa

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UC0
Size: 4KB - Virtual size: 870B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UC1
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UC2
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ