ec9662a46dc399c3e0a6e4e7d6becb4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec9662a46dc399c3e0a6e4e7d6becb4d_JaffaCakes118
Size

152KB
MD5

ec9662a46dc399c3e0a6e4e7d6becb4d
SHA1

ff2926a3f35018846cd4996fad36948adbc1cb73
SHA256

4785a583fde340cbc7ce183383368dcf533247599f7f5012e00ccef7194c08aa
SHA512

89b07c236d4787da624090a00f0a64ccc72d13527a4ce2680f85bb45e830949d177cd8660819d9cf05bd9055e114bf3fbdc7c0897dab483879002b56272d2463
SSDEEP

3072:1FdVOmh97Oc3trga6T64Lk9PFaPQ4sMb7bk0fX1K6BG+aO0vr:1FD0ab4LvPdsubk8XzjaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec9662a46dc399c3e0a6e4e7d6becb4d_JaffaCakes118

Files

ec9662a46dc399c3e0a6e4e7d6becb4d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

29cb391aad9fb4023d58906fd61fb55d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
SetEvent
GetCommTimeouts
ReadConsoleOutputCharacterA
LCMapStringA
ReadConsoleA
VerifyVersionInfoA
LocalHandle
GetTempPathA
GlobalUnfix
GetProcAddress
GetDiskFreeSpaceExA
GetThreadTimes
RaiseException
GetCalendarInfoA
ResetEvent
FindFirstFileExA
GetPrivateProfileStringA
VirtualAllocEx
WaitForMultipleObjectsEx
GetModuleFileNameA
OpenFileMappingA
FindFirstVolumeMountPointA
Module32First
PeekNamedPipe
LZSeek
ClearCommError
GetStringTypeExW

wininet

ResumeSuspendedDownload
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
InternetQueryDataAvailable
FtpRemoveDirectoryW
InternetCrackUrlA
FtpSetCurrentDirectoryW
InternetGetConnectedStateExA

Exports

Exports

GetGsptsxap
Aykiukct
Csnquxreipv
Vwqygtsqw
CloseDobbxrvcu
Xyxfvsarlet
AddAhlxexesm
GetRvrqokefo

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ