de235a10ef9d2c3486cf2330fddbd3dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de235a10ef9d2c3486cf2330fddbd3dd_JaffaCakes118
Size

18KB
MD5

de235a10ef9d2c3486cf2330fddbd3dd
SHA1

56f71d6e81421684493b5b62436a7f5065fed967
SHA256

08bf9443a78897794127986f6a3fac7b495f19ed0671f11e0a15a5c5e009f384
SHA512

0e8fd37710b7272ab78530afce1d3e813d7815868c4d1620b757e7b1b6774d6a92e8133c2eaf7a871b9f699896a54ed56ca5f991c4f0933ea2db54125a450cae
SSDEEP

384:mva4tOXPVeZisLmxb9s5Blv2sR18A9SsbhuNhPqHxDH/tJuC:Ds1v2In9SsYP8xDfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de235a10ef9d2c3486cf2330fddbd3dd_JaffaCakes118

Files

de235a10ef9d2c3486cf2330fddbd3dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ca9336a08c760ef00de3c171072ac08a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
Sleep
lstrcpyA
ExitProcess
lstrcmpA
lstrlenA
lstrcpynA
lstrcmpiA
GetTickCount
CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
CreateThread
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA

wininet

HttpOpenRequestA
InternetCloseHandle
InternetOpenA
InternetReadFile
HttpSendRequestA

Exports

Exports

wdof
wdon

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ