35f76b23a00719f8f22cc2dc42db4039_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35f76b23a00719f8f22cc2dc42db4039_JaffaCakes118
Size

216KB
MD5

35f76b23a00719f8f22cc2dc42db4039
SHA1

5f8fac6c48f087c7ef57f9ab5ce779325271ccde
SHA256

42128d1220d2af8d2c4e581423ed80d7ed5782bd9cb670dc6ec45b4c27e9960a
SHA512

456d05ca2831e2b5eed5b2e15d195ae96e3c7082951c0560c19f367a2a4327b2299b87768c7850c4db9fa1a33d38e9a8e68b0fb0ee0c298c8375b23cf61b5242
SSDEEP

3072:7OvUf38lPgJpbaaD7NPnRhKP4mHJePZBfNmWPr4:7OMfsFApbai7fhKPteh3mWj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35f76b23a00719f8f22cc2dc42db4039_JaffaCakes118

Files

35f76b23a00719f8f22cc2dc42db4039_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdf3e2a30591408b82910ed9c6833ef9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadContext
GetComputerNameA
SetEndOfFile
WaitForMultipleObjects
GetCurrentProcess
UnlockFileEx
GetCommProperties
SetEvent
GetProcessHandleCount
ReadConsoleOutputA
GetVDMCurrentDirectories
GetUserDefaultUILanguage
OpenMutexA
WriteFile
GetModuleFileNameA
GetProcAddress
CopyFileExA
EnumUILanguagesA
GetProcessWorkingSetSize
GetTickCount
GetFileAttributesExA
GetFileAttributesExA
SetConsoleTitleA
VirtualAlloc
ReadConsoleInputA
GetSystemWindowsDirectoryA
ReadConsoleA
GetProcessAffinityMask
EnumResourceTypesA
SetFileAttributesA
SetFilePointerEx
GetUserGeoID
GetExpandedNameA

wininet

InternetQueryDataAvailable
FindNextUrlCacheEntryW
ResumeSuspendedDownload
InternetGetConnectedStateExA
InternetCrackUrlA
InternetUnlockRequestFile
FtpSetCurrentDirectoryW

Exports

Exports

Vntfvyqc
WriteRwvaifqvck

Sections

.rtext
Size: - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 204KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ