f5e4027dd746ad07bf5e4f26cbc808ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5e4027dd746ad07bf5e4f26cbc808ca_JaffaCakes118
Size

24KB
MD5

f5e4027dd746ad07bf5e4f26cbc808ca
SHA1

e1fdceb2afd2ac2038c0eea45570192d5c0eb8ef
SHA256

ae93ba47cf7788feef0c5b5880c3f88d36f71f76cbe199d7ed748981f51837ab
SHA512

b3316c0c929754f365ec91e2f4ac7c3f984ea90d023f7f03aaf31d9f825fa8ec2c03b88a4870ee2358e02cd9881dff7664e0c0d0e57ca6c5b35b17e8acd0d7bc
SSDEEP

192:jZKgO2pBiEHQII1XT0UtnSIEQBW77Jl9qF2gN+L:oj2pBiqI1XT0UXfhY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5e4027dd746ad07bf5e4f26cbc808ca_JaffaCakes118

Files

f5e4027dd746ad07bf5e4f26cbc808ca_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8e1b443733388a6ad492fe6abfd2c717

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
HeapAlloc
GetProcessHeap
HeapFree
ReadFile
WriteFile
GetFileSize
CloseHandle
CreateFileA
FreeLibrary
lstrcpynA
WaitForSingleObject
CreateThread
GetProcAddress
LoadLibraryA

user32

wsprintfA

Exports

Exports

InstallPlugin
PluginVersion
TerminatePlugin

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 593B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ