09e77cd59eecab69d4f14d26f3ff4479_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09e77cd59eecab69d4f14d26f3ff4479_JaffaCakes118
Size

64KB
MD5

09e77cd59eecab69d4f14d26f3ff4479
SHA1

2f3d7e89ab574c7098c17be96abe4d1470ce353a
SHA256

40ce170650bb6c685575394b0dfcd9b912ad7a9d5cd785dd657105eba262227a
SHA512

de87156501af21d773fa71c446d9207840d09cf1c5c1752c42977cbf78c7915aa5e1a202d98af8312c43efce5a6873249d4bd23426e24b02ed8948afa04aad1b
SSDEEP

1536:sSfZMUejy4rzhQ0rZXbq6OHc8RfgOoQlOOPVXpF:sE4rzhQ09QHcIv1dZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e77cd59eecab69d4f14d26f3ff4479_JaffaCakes118

Files

09e77cd59eecab69d4f14d26f3ff4479_JaffaCakes118
.dll windows:4 windows x86 arch:x86

da3b3cb1c60a287bb903c953876cea86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempPathA
GetVolumePathNamesForVolumeNameA
LoadLibraryExW
SetConsoleLocalEUDC
lstrcpynA
ReadConsoleInputA
SetCurrentDirectoryA
GetFileAttributesA
GlobalLock
QueryPerformanceCounter
WriteConsoleOutputCharacterA
DeleteTimerQueue
EndUpdateResourceA
GetLocaleInfoW
UnregisterWaitEx
GetProcessShutdownParameters
SetProcessPriorityBoost
EnumTimeFormatsA
GetCommandLineA
SetThreadIdealProcessor
GetConsoleCommandHistoryA
OpenFile
GetModuleFileNameA
WriteProfileSectionA
BuildCommDCBA
GetConsoleMode
_llseek
VirtualUnlock
GetNumberOfConsoleFonts
GetConsoleFontInfo
VirtualAlloc
ReplaceFileA
GetConsoleCP

shell32

SHGetSpecialFolderPathA

mpr

WNetGetConnectionA

winmm

timeBeginPeriod
timeGetTime

Exports

Exports

EndPhjtyooniqo
Jwyyerf
OpenBxuuvuhgjtr
Dfwqhwb
IsLojxyjkk
Omoimtfr
Mahxegblp
Ljnufcepu

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ