dfcc8e0c4e1065c82dc58af9ac5ef149_JaffaCakes118 | Triage

Sharing

General

Target

dfcc8e0c4e1065c82dc58af9ac5ef149_JaffaCakes118
Size

378KB
MD5

dfcc8e0c4e1065c82dc58af9ac5ef149
SHA1

cf426c8fc271cc30a9b7abd0faa7bf27ee02c7bf
SHA256

c96a6044d5427eda3fd1f1685cbd763ff3fda17f83ffc5846a63e477f35bf13a
SHA512

d6edc54ccbfd8696a442a7bb6fcd1d594ad923ee4028578649adf31d0ba1c426c360cb43b5d3a05e071466c1bfcf9eea7b5e585277720f9399f316747547221d
SSDEEP

6144:WdKo+istB3Omz7GuoaaeTt/ROs2vim9RdDdOnlnYsNaE+u9dAY7PxT80UC+te:qKo+istJN7Wqt/sltDOY6j+uAq5JUCC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfcc8e0c4e1065c82dc58af9ac5ef149_JaffaCakes118

Files

dfcc8e0c4e1065c82dc58af9ac5ef149_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

GetNewInf
GetNewSock

Sections

.text
Size: 366KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE