4a0d5b6d7fba008f00d1e0e2879e1820_JaffaCakes118 | Triage

Sharing

General

Target

4a0d5b6d7fba008f00d1e0e2879e1820_JaffaCakes118
Size

64KB
MD5

4a0d5b6d7fba008f00d1e0e2879e1820
SHA1

401f479efe37aa78526358ba614809530046f286
SHA256

a1ef9e2909109a9dd0c326cc65ea85b945e857ff566c5427022d7f0e03900227
SHA512

aa89a055308f3f8413b9672605f64fce51fef6e7d74d293cc1634c8606fdf7ba22750e7ab876003cf136513711b676f50df8f330bcedfff6fc721b071c710f8c
SSDEEP

1536:1MwJkeMny2kDO86nyztP5Q7LVr6eEqPcXv8MH867H+bOwi1TlFpN:WwKjkJ8yztPWRvPc5cw+Qp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a0d5b6d7fba008f00d1e0e2879e1820_JaffaCakes118

Files

4a0d5b6d7fba008f00d1e0e2879e1820_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a1704503c0f680a989ecd644cd07fe0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

_llseek
SetFileShortNameA
ReleaseMutex
OpenWaitableTimerA
GetCommandLineA
LZClose
GetTickCount
HeapCreate
DeleteTimerQueueEx
GetProcessHeap
OpenMutexA
CreateSemaphoreA
GetFullPathNameA
GetCurrentProcess
GetDllDirectoryA
GetProcessTimes
PulseEvent
GetVersionExA
WriteFile
FlushFileBuffers
ReadConsoleInputA
GetEnvironmentVariableA
GetDriveTypeA
VirtualAllocEx
GetCommModemStatus
LoadResource

wininet

ResumeSuspendedDownload
DetectAutoProxyUrl
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
InternetCrackUrlA
InternetUnlockRequestFile
InternetGetConnectedStateExA

Exports

Exports

Ufeifkfpmhs
Nkaqotx

Sections

.rtext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ