14b7d752bf06ec490dfc68a1116f93ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14b7d752bf06ec490dfc68a1116f93ed_JaffaCakes118
Size

28KB
MD5

14b7d752bf06ec490dfc68a1116f93ed
SHA1

4daef5cc00a79cf0951afba9c6cf256a3acadbb2
SHA256

e949cf17429228eb7b7c783c107d6fb1ec31f2020e084f9f98f8f88052968fef
SHA512

cc4f614421512a41eaa1e43f80cf3517111d38f101124282805771563c51707ed5c7f5baca31f4adcf8e8f924ce4150b40c5c6c83ab528d689ec1746834c7ce3
SSDEEP

384:7VszOaRG2GW6tvDZ01IuPipVP6P7OD9agYAV/JEYkSX5fVOwHXYMG6MeCs/+U:7VGOx2pcvqQ8jOhagVfYsU6M2/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b7d752bf06ec490dfc68a1116f93ed_JaffaCakes118

Files

14b7d752bf06ec490dfc68a1116f93ed_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e2beb37b652eddf76129b2611978d6e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleA
GetVersionExA
LoadLibraryA
MultiByteToWideChar
Sleep
WideCharToMultiByte

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocStringByteLen
VariantInit

ws2_32

WSAGetLastError
accept
bind
closesocket
connect
gethostbyname
getsockname
htons
inet_addr
ioctlsocket
listen
ntohs
recv
send
socket

Exports

Exports

DllMain
fwdhby
gltbr
qsmbn
ridfw

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ