06e1bd6c224283c85ca607ed3298f3c3_JaffaCakes118 | Triage

Sharing

General

Target

06e1bd6c224283c85ca607ed3298f3c3_JaffaCakes118
Size

152KB
MD5

06e1bd6c224283c85ca607ed3298f3c3
SHA1

f28e549d222f322d8af15ee402c7c62883b50674
SHA256

4a3016f73506be59e8b21573b15da5a76910304c2372557d305c1cabebb16335
SHA512

2398dba556a21a9c3de9483e2480c1560d94f676ea26457dee5c33b39c23d5ac5b22416d0cae6cfbbfc506e291ab056520f12194db3373d4499e0e20a35723f7
SSDEEP

3072:YGHQG5cU74EOAP5VHjiXkj+oRSeR4Hvn5BR5eOu/6gaZ6toKh:Y8T5cTE7bB1u/XPeP2Z6to

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06e1bd6c224283c85ca607ed3298f3c3_JaffaCakes118

Files

06e1bd6c224283c85ca607ed3298f3c3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1fb876f776a2969554a755538a756a28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetUnhandledExceptionFilter
GetThreadSelectorEntry
GetWindowsDirectoryA
RaiseException
GetModuleHandleA
Module32First
GetStdHandle
OpenMutexA
SetDefaultCommConfigA
DeleteAtom
VirtualAllocEx
ExpandEnvironmentStringsA
GetSystemDefaultLangID
ResetEvent
GetProcessHeap
GetStringTypeExW
SetConsoleMaximumWindowSize
lstrlenA
GetDllDirectoryA
WriteFileGather
IsSystemResumeAutomatic
WriteConsoleOutputCharacterW
IsDebuggerPresent
FillConsoleOutputAttribute
ReleaseSemaphore
SetEvent
ResumeThread
GetFileInformationByHandle

wininet

InternetCrackUrlA
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
ResumeSuspendedDownload
FtpRemoveDirectoryW
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
InternetUnlockRequestFile

Exports

Exports

Qyflebj
Crvansenb
Jrbfrryvri
SetBinxyqv
EndVbuquwnfg
WriteOsqaobvkv
Cjuiycrrn
Gqygdjqepea

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ