ff2cb9f93523fb4ed86c8fb72c45a600_JaffaCakes118 | Triage

Sharing

General

Target

ff2cb9f93523fb4ed86c8fb72c45a600_JaffaCakes118
Size

22KB
MD5

ff2cb9f93523fb4ed86c8fb72c45a600
SHA1

a4389209cb65199c6f402f514390081751c69cc5
SHA256

0857509866f308add11d9e994bebb700f65066d269b2153c735fbcfd6ce1dd96
SHA512

4d6ab9121942d3db3ec543e447a4db70692d6cbabb28fa9c34160da84b886b09c6c69569f9589c5c06d1a7eef99c7723cffc25379b38abff1cd4865e15f77ab5
SSDEEP

384:TRUR7SSzrX7QScrKm6dzgrD1jY423w7Wynfsy:VURVrXsScrqMVc42gdZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff2cb9f93523fb4ed86c8fb72c45a600_JaffaCakes118

Files

ff2cb9f93523fb4ed86c8fb72c45a600_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c682483b70b3c7dbf346bc2437de0526

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
CloseHandle
lstrlenA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

wininet

InternetReadFile
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ