0021d43c960ba5ab16770ae36c8f0d0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0021d43c960ba5ab16770ae36c8f0d0a_JaffaCakes118
Size

324KB
MD5

0021d43c960ba5ab16770ae36c8f0d0a
SHA1

05979e3894b9613bb8c687667ea4b84b36096526
SHA256

b798f2cba9f956a3ecbcf98fac33d39a693a09384368730d40219e6b21b528ea
SHA512

42f7bf306ea99911eaead3c6b3e73cffe8192a275effd123361fb80a89cce7fa015992bc286e39520e546e96b76c04aef829664545cb2bbfa4b7bcd8a96e9bf0
SSDEEP

6144:F8TmH9jodomNlb2/onJsAmrqtgo/OCMGW6C9XOhPrih3G7D:F8TmHZoddlMrqdHWtXY+s7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0021d43c960ba5ab16770ae36c8f0d0a_JaffaCakes118

Files

0021d43c960ba5ab16770ae36c8f0d0a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e83cfe7b9f2869e2a8ffbd8654dc445f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_except_handler3

msvcp60

??0ios_base@std@@IAE@XZ

wininet

HttpQueryInfoA

user32

DestroyCursor

gdi32

MoveToEx

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

Exports

Exports

winampDSPGetHeader2

Sections

.text
Size: 309KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE