00e3577a692cdf428e26819f65b1dbf9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00e3577a692cdf428e26819f65b1dbf9_JaffaCakes118
Size

13KB
MD5

00e3577a692cdf428e26819f65b1dbf9
SHA1

9e14fe4070bebf3efb80cab9c777e90ed363f378
SHA256

bf64d68989e55ed6e419665e8e125c520b051c3667bdedabcb0def25a4bb231f
SHA512

97f5c6ef798b6ad5face4cdee5bcf8c2d86926a47c7c85fad7a96ac5f42cb76ac429f5ef59c39d3b07faa3a5f560b869eae60af33bd9995e8aa490c2a0af295d
SSDEEP

384:FbQ9xj4vtrBvVDZTM0R2YQ/SFw7dbqZoTxuJN+/f:FbQ9xj4FrBvpZTndaSN+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00e3577a692cdf428e26819f65b1dbf9_JaffaCakes118

Files

00e3577a692cdf428e26819f65b1dbf9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cc670221c15248b68fbf317e7978f777

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
CreateFileA
FindClose
FindFirstFileA
DeleteFileA
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
CopyFileA
GetVersionExA
GetLocalTime
CreateMutexA
GetLastError
CloseHandle
CreateThread
GetSystemDirectoryA
Sleep
DisableThreadLibraryCalls

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

rpcrt4

UuidCreate

wsock32

recv
send
gethostbyname
socket
htons
connect
closesocket
WSACleanup
WSAStartup

msvcr71

strcpy
strrchr
strstr
_onexit
sprintf
__dllonexit
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_except_handler3
memset
__CxxFrameHandler
strcat
strlen
strchr

iphlpapi

GetAdaptersInfo

Exports

Exports

ThreadEntry

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ