717c5d29e0b22e1696f33afab5e24215_JaffaCakes118 | Triage

Sharing

General

Target

717c5d29e0b22e1696f33afab5e24215_JaffaCakes118
Size

28KB
MD5

717c5d29e0b22e1696f33afab5e24215
SHA1

8aa398e23b293bf27a3809769e801fbefbcb06b6
SHA256

6d900703ce9742f84cc05cbbea7c6d7cc7af363259d35937dfe6911f9d9668eb
SHA512

85bf845544617ec7785f48f99e7580019ac221843638cc27e5400c8bde77ea888e59fbe678bec86e674da06a1b9aadb6e939ebf5627d10006a72f88ecaa8924b
SSDEEP

384:d/EgRrcHbjyVzgoh3uT602s1xCV0YWBJ9H0yoxb8Z85RSqCuAN:d/jREbWuoheT602QAVEt0y1BHuAN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
717c5d29e0b22e1696f33afab5e24215_JaffaCakes118

Files

717c5d29e0b22e1696f33afab5e24215_JaffaCakes118
.dll windows:4 windows x86 arch:x86

880fe617476ad5eb91e17e4815405378

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
GetCommModemStatus
GetCurrentProcessId
ConnectNamedPipe
GetExitCodeThread
MultiByteToWideChar
GetTempPathA
OpenSemaphoreA
GetWindowsDirectoryA
OpenProcess
ReadConsoleA
VirtualAllocEx
GetCPInfoExA
GetCurrentThreadId
HeapQueryInformation
ResetEvent
GetExitCodeProcess
IsWow64Process
GetConsoleWindow
GlobalFlags
FindClose
SetEvent
GetModuleHandleA
GetProfileIntA
UnregisterWait
OpenEventA
GetModuleHandleA
SetConsoleWindowInfo
Heap32First
QueryPerformanceCounter
GetTimeZoneInformation

wininet

FtpRemoveDirectoryW
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW
InternetCrackUrlA
ResumeSuspendedDownload
InternetQueryDataAvailable
InternetUnlockRequestFile

Exports

Exports

EndVgdjmqf
CreateTpqnueu
Eqxxalfmv
OpenGkhfxibte
Vsqpyibb
Ndopnqlgtly
InitHfbjpvjh
Noulucct

Sections

INIT
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ