0c679d55dc64107e0293a4c892f32664_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c679d55dc64107e0293a4c892f32664_JaffaCakes118
Size

212KB
MD5

0c679d55dc64107e0293a4c892f32664
SHA1

c14fdb852402a2b8dcf03c8d8e7f7746b3cdb9c5
SHA256

d1e206ac3d03f94dcc472ea66ee131e897e7cf9d4782afdd3054812f529cb8cd
SHA512

1b935f59b2f2e0893d3fccc05db7315237bd7791592bf09027a9f9bf48ef968357b65071dc4c3c6156c5606ff5a75789201669f597e327c67980b3733300b29f
SSDEEP

3072:wPFnqJsR2WkCkwyLCE/Qm+VcOOSYbG+YInssqj:wt9H7kvmGQmiwtHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c679d55dc64107e0293a4c892f32664_JaffaCakes118

Files

0c679d55dc64107e0293a4c892f32664_JaffaCakes118
.exe windows:4 windows x86 arch:x86

873494f856c26945a6e42513f5c5dfd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
DefineDosDeviceA
SetFilePointer
Thread32Next
SetProcessWorkingSetSize
GetProcAddress
RegisterWaitForSingleObject
OutputDebugStringA
SetSystemTime
EnumResourceTypesA
GetSystemWindowsDirectoryA
CommConfigDialogA
VirtualAlloc
GetNumberFormatA
GetConsoleCommandHistoryLengthW
GetCurrentProcess
GetCurrencyFormatA
EnumSystemLanguageGroupsA
GetTickCount
HeapWalk
GetCommProperties
IsBadHugeReadPtr
GetBinaryTypeA
ResetEvent
MoveFileA
SetFileAttributesA
EnumResourceNamesA
GetCurrentProcess
GetComputerNameA
WriteFile
GetLocaleInfoA
WriteConsoleInputA

wininet

InternetOpenA
FindNextUrlCacheEntryW
HttpQueryInfoA
InternetConnectA
InternetOpenUrlA
HttpOpenRequestA
HttpSendRequestA

Exports

Exports

Nprdtgfjqir
BeginVurrruqd

Sections

.rtext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ