e9bd4c8fb1cd2b62716375fe9088eb81_JaffaCakes118 | Triage

Sharing

General

Target

e9bd4c8fb1cd2b62716375fe9088eb81_JaffaCakes118
Size

74KB
MD5

e9bd4c8fb1cd2b62716375fe9088eb81
SHA1

54e408d6c2b38318e00ab8f43dcb5f27a9d1f463
SHA256

e0c42e1ddf6c7671c260d9a4e764a17d0b07845d9d2e7d15717d7aa9040ca553
SHA512

8cc1316a18d211f9b52dbc9f3812e966ccb4462a4b6ace01f7d5ddbf5c6081a57a917f80f7e8082e764293254d403770f0eaff10f0e6015deb16b2984807ff20
SSDEEP

1536:jc0oQJlEPEcbpnAr6+vpVxu7l16n5OpoUR2/PCfFlsehgoVr0GHSW:jfJrEP1irBHxuba5OpoUIPuFSQR0GyW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9bd4c8fb1cd2b62716375fe9088eb81_JaffaCakes118

Files

e9bd4c8fb1cd2b62716375fe9088eb81_JaffaCakes118
.dll windows:4 windows x86 arch:x86

620c492c3d18c7b40321d9d914b9c197

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcatA
WinExec
ReleaseMutex
GetLastError
CreateMutexA
SetErrorMode
GetModuleFileNameA
lstrcpyA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
GetTempPathA

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

msvcrt

_except_handler3
_adjust_fdiv
malloc
_initterm
free
memcpy

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1006B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ