6918de9daf25a8b3dc2828a92ad64692_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6918de9daf25a8b3dc2828a92ad64692_JaffaCakes118
Size

212KB
MD5

6918de9daf25a8b3dc2828a92ad64692
SHA1

191da798c89d36d71a51b7f27b2cd3f16f4032a7
SHA256

964744c1722c545e8da737a6200719e8da3e520d42119d4a30263b21853dcfb8
SHA512

0a846c8879b04bb5845f69e0743baacf6bc4577f7f56954661661bbe6752fc6b8aeeb2961d1553f5091d4a9cfc61028e739ee17297adae0eeb5cde82f46ccfb7
SSDEEP

3072:oWVffdxuDdx8c25Qwj9BpmF2ItkyBDg2uuBJD9:oWVtxuDdx8c2uwj9Bpm86kyBzBJD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6918de9daf25a8b3dc2828a92ad64692_JaffaCakes118

Files

6918de9daf25a8b3dc2828a92ad64692_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42d299a72394e3087198ba3bdd575244

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
EnumResourceLanguagesA
GetProcAddress
LZDone
GetCurrentProcess
UnmapViewOfFile
GetLogicalDrives
FindFirstFileExW
ReadConsoleOutputAttribute
SetThreadPriority
IsBadWritePtr
GetCurrentThreadId
GetVolumeInformationA
ReadFile
IsSystemResumeAutomatic
_hread
GetProcessHeaps
LoadResource
WriteConsoleOutputA
FreeConsole
GetTickCount
VirtualAlloc
DuplicateConsoleHandle
SetConsoleMaximumWindowSize
GlobalSize
GetConsoleHardwareState
GetVersionExA
GetOEMCP

wininet

InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
ResumeSuspendedDownload
InternetCrackUrlA
InternetQueryDataAvailable
FindNextUrlCacheEntryW

Exports

Exports

Qpqcppgusb
Bcxbhdkv

Sections

.rtext
Size: - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ