838cc4e6fb67e06abf05c1c6044394f2_JaffaCakes118 | Triage

Sharing

General

Target

838cc4e6fb67e06abf05c1c6044394f2_JaffaCakes118
Size

64KB
MD5

838cc4e6fb67e06abf05c1c6044394f2
SHA1

b57eab945fad0f11a5675c79c96cae5b278974df
SHA256

c28dae6feaf998fe8f6bb22eac28ebda5760e2e6da07e045ad3e542c58cd2631
SHA512

1e94ac14808530472a0c79bbc93e1c95156f67aa2da986cd286e5111a006ec3b8e3683c6a20bf5e74dc5fe1f326c37ffe5deacb1d93744a56f2bbebfb9ccf4c7
SSDEEP

1536:iSHA9nct2lqr/jT0DcHN+0nVoOzelSnIfoeDg:iSHoyfr/jYAHhneOClKqoeD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
838cc4e6fb67e06abf05c1c6044394f2_JaffaCakes118

Files

838cc4e6fb67e06abf05c1c6044394f2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7431bc77121c331558c831691e7364d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseMutex
IsValidLanguageGroup
GetProcessVersion
FillConsoleOutputCharacterA
WriteFile
WriteProcessMemory
GetSystemDefaultLangID
CallNamedPipeA
GlobalHandle
QueryInformationJobObject
FatalExit
WriteFileEx
GetFileSize
_lclose
SetEndOfFile
GetTimeFormatA
GetPriorityClass
GetConsoleWindow
GetCurrentThread
GetLocaleInfoA
GetCompressedFileSizeA
GetProcAddress
TermsrvAppInstallMode
IsBadHugeWritePtr
GetConsoleMode
GetVolumePathNameA
ReadConsoleOutputCharacterA
GetDllDirectoryA
GetProcessIoCounters
WriteConsoleA
GetCurrentProcess
GetComputerNameA
VirtualAlloc
GetTickCount

wininet

InternetOpenUrlA
FindNextUrlCacheEntryW
HttpQueryInfoA
HttpSendRequestA
InternetOpenA
InternetConnectA
HttpOpenRequestA

Exports

Exports

WriteMxulloerbjp
GetIfqbstx

Sections

.rtext
Size: - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ