1092e3cd4b8aa98200efd87ad8fe9459_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1092e3cd4b8aa98200efd87ad8fe9459_JaffaCakes118
Size

18KB
MD5

1092e3cd4b8aa98200efd87ad8fe9459
SHA1

8b1f6f3a9a86a3634dce8b41d98f726063e131a7
SHA256

a9a56962713f3b3cdc308bb15556c6b57fc6a0fa5e9c8ad6ab53e33e17fa389d
SHA512

992fab4331876991327a574d009f8826009f090c9f757b016b8d4fd7563ec0b4fc39fb5e29711b70c9cd463666e4cd9fe32abe191b950a5b088489dc6b7f4318
SSDEEP

384:8DBHo7xX9iGgOa7Pfp+/BRiBZWG5VL3ArCQBA+DmTVdFUXiNBP1AGtw:8e7TiGgH7PR8BnKVL3X+DmTzuXQBP1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1092e3cd4b8aa98200efd87ad8fe9459_JaffaCakes118

Files

1092e3cd4b8aa98200efd87ad8fe9459_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71586eb89bcf21674e62bf5fb5827326

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
GetSystemDirectoryA
TerminateThread
SetThreadPriority
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
FindResourceExW
Sleep
CreateNamedPipeW
CreateDirectoryExW
CreateProcessA
WriteFile
GetTempPathA
GetLocalTime
VirtualAlloc
VirtualFree
CreateFileA
GetLastError
CloseHandle
LoadLibraryA
GetACP
GetProcAddress

user32

GetCursor
GetDC

wininet

InternetReadFile
InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

advapi32

ControlService
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle

msvcrt

sprintf
memset
_except_handler3
strcat
strcpy
strrchr
strlen
memcpy

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

feHgeB
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ