deb00fffbf276ddb042d647d14fd0232_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deb00fffbf276ddb042d647d14fd0232_JaffaCakes118
Size

12KB
MD5

deb00fffbf276ddb042d647d14fd0232
SHA1

adc612efb7845cfdaca8207c5ef48b331200f5d9
SHA256

148e7ce995aaf2f6bc0a68e8d38b4f71f7e4905b0d790912a74a3c08fb7165b3
SHA512

b4f89a0d4b91a4dd669c876d935a38984aa53941254e29180afd10b76499d9d4f924ea80caa07f936253dd8bcd6fc1e46935b3a8028d5e00fd846f321d9af8d3
SSDEEP

192:By72w2n/+/8l22xRumP6rpNEflAgJa2B1r/lelji0vRU6xW7cIW41:BC2wyMW2IRumeEflAgJa2B1xeljrLW75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deb00fffbf276ddb042d647d14fd0232_JaffaCakes118

Files

deb00fffbf276ddb042d647d14fd0232_JaffaCakes118
.dll windows:4 windows x86 arch:x86

30d4c6e3c4785941eb05a4b2a75c920f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempFileNameA
GetTempPathA
Sleep
FreeLibrary
GetProcAddress
DeleteFileA
LoadLibraryA
GetVolumeInformationA
GetModuleFileNameA
ResumeThread
SetThreadContext
GetThreadContext
WriteProcessMemory
GetModuleHandleA
lstrcatA
GetTickCount
CreateThread
CopyFileA
lstrlenA
lstrcpyA
GlobalFree
CloseHandle
GlobalAlloc

user32

wsprintfA

advapi32

RegCreateKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegSetValueExA

wininet

HttpSendRequestA
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ