2f65dde82b8357517ac39355d9123458_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f65dde82b8357517ac39355d9123458_JaffaCakes118
Size

216KB
MD5

2f65dde82b8357517ac39355d9123458
SHA1

0290ecb7e86c08c7a9c5766315b146796c31e9bf
SHA256

1cf818a07f482ea925a6b1af6ddc8e57be64efdaf99d238a107163447ede35b6
SHA512

92d833d18f02441278058566b758f4d42a2ba4837643996bc19dd279f301b89c789632a4420bd30a702f4af324eeeed1fdf836ac5def6fbe0147a249c7b9d694
SSDEEP

3072:/598qRxQjqGyKvLsGfw8sGJPzuu0vhcU+wR:/L8qoqBIIf8xJZ0vyU+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f65dde82b8357517ac39355d9123458_JaffaCakes118

Files

2f65dde82b8357517ac39355d9123458_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f61efb431f9987eadc9822d36fdf8c51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
PeekConsoleInputA
HeapSize
EnumResourceLanguagesA
GetVersionExA
VirtualAlloc
GetLogicalDrives
GetProcessIoCounters
SetInformationJobObject
OpenProcess
FindResourceExA
GetFileAttributesExA
SetHandleInformation
GetCurrentProcess
SleepEx
PulseEvent
HeapWalk
OpenSemaphoreA
GetCurrentProcessId
SetConsoleCursorMode
Module32Next
GetWindowsDirectoryA
GetTickCount
HeapFree
WriteConsoleInputA
WriteProcessMemory
WriteFile
GetProcAddress
QueryMemoryResourceNotification
CreateFileMappingW
GetModuleHandleA
WriteConsoleOutputA
WriteFile

wininet

InternetGetConnectedStateExA
InternetCrackUrlA
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
InternetQueryDataAvailable
ResumeSuspendedDownload
FindNextUrlCacheEntryW

Exports

Exports

ReadYkhhibx
InitRpsldrni

Sections

.rtext
Size: - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 204KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ