f703fe3d1242724640700605f8460abf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f703fe3d1242724640700605f8460abf_JaffaCakes118
Size

64KB
MD5

f703fe3d1242724640700605f8460abf
SHA1

f55937cbdeeccf7e18c4353cc2e1d65d9b798e05
SHA256

4a4eebca187b91ceefb48cfe5b2517002eda1a00e56035ad449806fcbb72eea0
SHA512

2fe5c562a7999fc84f2c52cce13455cba8d9c0a0d4af2e501a88e5724d4c8e806ec8d115f75ac3ce58a514cf06b761c5c544dfd3419efd593c39faa76df9d306
SSDEEP

1536:zvm6Sh58muaflSNHQlufjhalKe7LQeK4KC3s:Hu58HSSw8fjhaBFK4d3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f703fe3d1242724640700605f8460abf_JaffaCakes118

Files

f703fe3d1242724640700605f8460abf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

146548bfddc72d7cdde45766c596b155

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
GetCurrentProcess
Toolhelp32ReadProcessMemory
ReadConsoleOutputCharacterA
ExitThread
SetProcessWorkingSetSize
GetVolumePathNameA
SetLocalPrimaryComputerNameA
OpenEventA
GetFileAttributesExA
GetSystemTimeAsFileTime
MultiByteToWideChar
SetCurrentDirectoryA
GetCommandLineA
CreateSemaphoreA
lstrlenA
WriteConsoleOutputCharacterA
SetFileApisToANSI
GetFileAttributesA
BeginUpdateResourceA
LoadLibraryExW
ChangeTimerQueueTimer
VirtualAlloc
CallNamedPipeA
GetVersionExA
GetBinaryTypeA

gdi32

SetViewportOrgEx

shell32

SHGetSpecialFolderPathA

winmm

timeBeginPeriod
timeGetTime

Exports

Exports

Wtmxdght
ReadBajgjuug
EndWaeqaqgbd
CreateOlbcvuu
WriteEqnuisp
Ddhwoimeuo
Xbhnkbuf
Yfaxowxrx

Sections

.itext
Size: - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ