1107bca89775e164ce5296b08b720a02_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1107bca89775e164ce5296b08b720a02_JaffaCakes118
Size

11KB
MD5

1107bca89775e164ce5296b08b720a02
SHA1

a256ffe3af9ab7bad1185e55ad0f41cd02363fe3
SHA256

df1669521c83a2e8904bfd2c52787e6e35772934344cdc4b16cb5af9dc5d1a3b
SHA512

f15443d9606ae24a7ea48e30addc4bd882da75374909af87e96cd3d080dff7afaca7c3e6273ad9c84f94460a0a09db6b5386764d4b4931a9cc570f08a1be3289
SSDEEP

192:fb5jq5JJYwxDao+SCDgBWD9M1GvzqkHX7THCcgMIUh7W6FJ1VvfQsQcjZPjO:fb9q5J9xD4SCDMWyILqeX7THHgbM7FFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1107bca89775e164ce5296b08b720a02_JaffaCakes118

Files

1107bca89775e164ce5296b08b720a02_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ab9aa820d818f00f034cc218780723e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
lstrcpyA
Sleep
ReadProcessMemory
GetCurrentProcess
CreateThread
WriteProcessMemory
lstrcmpiA
GetModuleFileNameA

user32

wsprintfA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Exports

Exports

??4CJJDll@@QAEAAV0@ABV0@@Z
TKTnyInit

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.AVNY0
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AVNY1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ