f51acacb590dd81f07d6fc029572be18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f51acacb590dd81f07d6fc029572be18_JaffaCakes118
Size

6KB
MD5

f51acacb590dd81f07d6fc029572be18
SHA1

db71187a339aa0ad5d294617aaba4e499adeb4e9
SHA256

abc34bf03b825286bd431c512ec6238c7fd56d1411f73706612942c85f9c81e9
SHA512

c29de015cf416d54a0300c93da69c9cebc792dba84085e5ba6ebcc96b13ed7348199faf74777d47acc496ab7b517e242d0ad6385e34343983c8edfb74aff8649
SSDEEP

96:AEEBjVMtzKhGtM2Z6H/irJaEiohdV0Ah1ORCmA3YQ5+kgtO2jthRWdKFLi:AEEYzKhD+r0ZohdV06IRbKKFthRWdKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f51acacb590dd81f07d6fc029572be18_JaffaCakes118

Files

f51acacb590dd81f07d6fc029572be18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

90474fb1d7a965f9c7b15ca8387d256d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
lstrlenA
Sleep
GetLastError
HeapAlloc
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
HeapFree
GlobalAlloc
CloseHandle
lstrcpynA

user32

wsprintfA
CharLowerBuffA

advapi32

RegCloseKey
RegOpenKeyA
RegEnumValueA

wininet

FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetCrackUrlA

Exports

Exports

CheckIEHistory
GetVerID

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 342B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ