f2eb028350d28ec4411b874cc6ec1dd9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2eb028350d28ec4411b874cc6ec1dd9_JaffaCakes118
Size

152KB
MD5

f2eb028350d28ec4411b874cc6ec1dd9
SHA1

3c5608c85e34e230458f2ea09c40011ba4e74eaf
SHA256

929313ea84f8b9545b1d5bc8e78b0a346e337d153572ecc4f3ffc89b0c2c67b3
SHA512

75f3d21335214adfaad646de514064209503bb2280431d75a364b18fe5985d1bc3bb515c83f367ead689c9fd97801efd66aae96f19895800679c42134f9a8251
SSDEEP

3072:Z/0cJgYsTXgIRBAEUWmwUdMEBFs4AJKiD5+E6:VaTmiEvTAJK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2eb028350d28ec4411b874cc6ec1dd9_JaffaCakes118

Files

f2eb028350d28ec4411b874cc6ec1dd9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

23bc3d1f15e57a1fcddcfee7683e845e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObjectEx
GetProcessVersion
CreateDirectoryA
OpenFileMappingA
GetThreadContext
IsDebuggerPresent
ChangeTimerQueueTimer
EnumSystemGeoID
GetDiskFreeSpaceA
GetEnvironmentVariableA
GetConsoleCP
FlushFileBuffers
DeleteTimerQueueEx
GetCurrentDirectoryA
FindFirstFileExA
GetPriorityClass
GetLogicalDriveStringsA
PostQueuedCompletionStatus
VirtualAllocEx
GetCommModemStatus
GlobalHandle
DisconnectNamedPipe
ResetEvent
DefineDosDeviceA
RaiseException
SetEvent
GetProcAddress

wininet

ResumeSuspendedDownload
InternetGetConnectedStateExA
InternetUnlockRequestFile
FtpSetCurrentDirectoryW
InternetCrackUrlA
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
InternetQueryDataAvailable

Exports

Exports

AddXhlfnpjg
CreateHgttirsec
Bmjerjwllw
Losbqrpvf
Rdmdwaufch
ReadUtxwuneopd
Gqexyxo
BeginMbyhujwsmm

Sections

.itext
Size: - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ