078d2a9c19de819ef7c9119513df51d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

078d2a9c19de819ef7c9119513df51d1_JaffaCakes118
Size

68KB
MD5

078d2a9c19de819ef7c9119513df51d1
SHA1

107afb528f818fda9baa838bc62ae6e6203f8662
SHA256

494395cd76e535309f30f8b4cb6fee79426fb369513adc42daff76dac9ccf936
SHA512

db1348501471504fe017eda6ae702bf9fe15886d9cb66b8747c3752c9f29553c0ff0e10ab8c6556f14319d1e00100ab83b32a1233b727d526fdc39a1af74a9ba
SSDEEP

1536:ryjUCeMyFWfuXYWAXQKoVBV3Nn6pdlTfrp2ZLYD:gPVyjhAAJBf6pnfrp2ZLY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
078d2a9c19de819ef7c9119513df51d1_JaffaCakes118

Files

078d2a9c19de819ef7c9119513df51d1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3d212b8ffe4382ed4565a19f75d4a0d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
ExpandEnvironmentStringsA
TerminateThread
DisconnectNamedPipe
Module32Next
RaiseException
GetPrivateProfileSectionNamesA
SetVDMCurrentDirectories
VirtualAllocEx
SetHandleInformation
LocalCompact
SetEvent
GetConsoleCursorMode
ResetEvent
GetConsoleOutputCP
HeapQueryInformation
GetComputerNameExA
IsProcessorFeaturePresent
WriteConsoleInputA
DuplicateConsoleHandle
GetFullPathNameA
OpenFileMappingA
GetProfileSectionA
TransactNamedPipe

wininet

InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
ResumeSuspendedDownload
InternetUnlockRequestFile
InternetQueryDataAvailable
InternetCrackUrlA
FtpSetCurrentDirectoryW

Exports

Exports

Hvdioqy
Llcfgqj
EndXnrhdiqd
BeginEjohxqti
WriteGcfqdutmgl
Jonuuosf
EndBvjxslduteb
WriteMmlldih

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ