_JVM_OnLoad@12
Static task
static1
Behavioral task
behavioral1
Sample
114a92dfb8cb78c1e03fa04cad9bce85_JaffaCakes118.dll
Resource
win7-20240903-en
General
-
Target
114a92dfb8cb78c1e03fa04cad9bce85_JaffaCakes118
-
Size
114KB
-
MD5
114a92dfb8cb78c1e03fa04cad9bce85
-
SHA1
8f7f9fcea38cd812bb49e83cc362fabd7fe78f94
-
SHA256
c74641d3f1aeeb1015ff9085f21045e76c013ee774fae0cf54d0f872345e5727
-
SHA512
cdc6ca5203e199e4a4cc89cf5ee2ab6b4031b790c12b7d8cfb7b91b22e75ba2306a4e651d9285b7c2aa1b6a47b1452ff8b8d6994aeab67bd1912c357e3347f93
-
SSDEEP
3072:Zb/RRloQtE+qiPuZrbnMILpMLrER/5sKPf5/:pJMQtQtFbMg0YZiKHZ
Malware Config
Signatures
-
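Unsigned PE (1 IoC)
The PE file has no Authenticode signature. On its own this is a weak indicator, since many legitimate DLLs are also unsigned; it only means the publisher and file integrity cannot be verified from a signature.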
resource 114a92dfb8cb78c1e03fa04cad9bce85_JaffaCakes118
Files
-
114a92dfb8cb78c1e03fa04cad9bce85_JaffaCakes118.dll windows:4 windows x86 arch:x86
f8cd52573a039e73da0423bf97171616
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
wsock32
connect
send
socket
ntohs
ntohl
WSAStartup
WSACleanup
gethostbyname
htonl
recv
htons
winmm
timeGetTime
msvcrt
time
qsort
fclose
_strdup
_write
_fileno
vsprintf
fprintf
_iob
malloc
sprintf
strrchr
free
_ftol
ctime
_initterm
_adjust_fdiv
_close
fread
fopen
atof
atol
atoi
kernel32
GetModuleFileNameA
SystemTimeToFileTime
GetSystemTime
Exports
Exports
Sections
.text Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 923B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ