fd5822395de6607dceb8d8bc27489a6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd5822395de6607dceb8d8bc27489a6e_JaffaCakes118
Size

18KB
MD5

fd5822395de6607dceb8d8bc27489a6e
SHA1

6dbb2b04960dc95c9ee2303ae29f2af1f0f58d6b
SHA256

e6fab3b201d93a4868bda42ac842f03d6e021e4a73a85a199aba61f8b6296a6f
SHA512

2c2971c1146ea00f895052ec93020d34002b2244e2f3554ebd10934902de983218e8e0838966057cb0465ebb6a12f0660086cd9685c1400800eb3aa0e4f274e0
SSDEEP

384:R5VaCMalBpOC3jUnvBQbdHofH5bpFgbLF:RG/QBkCzMpiHoFpFg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd5822395de6607dceb8d8bc27489a6e_JaffaCakes118

Files

fd5822395de6607dceb8d8bc27489a6e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6ec1ebdcf8ad41cbb930bd17acfe7f5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

socket

mfc42

ord825

msvcrt

sprintf

user32

wsprintfA

advapi32

RegCloseKey

Sections

.text
Size: 12KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE