07cb3c7f9ad121fbedac305318d72ab1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07cb3c7f9ad121fbedac305318d72ab1_JaffaCakes118
Size

64KB
MD5

07cb3c7f9ad121fbedac305318d72ab1
SHA1

288772bba5ecd6da17c6102890fb8b661e123188
SHA256

de16db08a3e2661f91ace66d2ec16e5a1379a2d2f4ba8e31d7d83b80a74c2fc0
SHA512

6389791b8517412ea28c4be80acbae7a1b6a9475c9cb7f07ee1cf8ff70ab37adab7d9c8afe52b71e2419caff2c47d8e2f142c7c3c39bd9e2c4e02755ec31f9e8
SSDEEP

1536:1j6pL+IzRg6V1RGN3fqdsBhg9KAfEIOC3S3EnrvZ00mOZg:10Lf2+RGNigmqIOCimvdd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07cb3c7f9ad121fbedac305318d72ab1_JaffaCakes118

Files

07cb3c7f9ad121fbedac305318d72ab1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ae963b21f00de779b14e86a9737bb803

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetAtomNameA
GetConsoleAliasesLengthA
SetProcessShutdownParameters
SetFileAttributesA
FatalExit
WriteFile
EnumTimeFormatsA
MultiByteToWideChar
GetProcAddress
GetSystemTimes
GetCurrentThreadId
GetVolumePathNameA
GetDllDirectoryA
GetFileAttributesA
FindFirstChangeNotificationA
GetCurrentProcess
SetComputerNameA
GetCommandLineA
OpenEventA
FillConsoleOutputCharacterA
GetCurrentDirectoryA
VirtualAlloc
GetExpandedNameA
GetTickCount
PurgeComm
GetThreadPriorityBoost

wininet

InternetOpenA
HttpSendRequestA
InternetOpenUrlA
HttpOpenRequestA
FindNextUrlCacheEntryW
HttpQueryInfoA
InternetConnectA

Exports

Exports

Avlbcyhejy
Feffbhfbwf

Sections

.rtext
Size: - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ