8d14eb3fca10c02ac59f451d825ee06c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d14eb3fca10c02ac59f451d825ee06c_JaffaCakes118
Size

64KB
MD5

8d14eb3fca10c02ac59f451d825ee06c
SHA1

05bc9008a1cd1e2c3c340349ca2f71745fbfce12
SHA256

ca6f79614fcf944664153886be0fe68a96c7d909f445ceeefd6486c0e5cfca32
SHA512

f6ad70cec7e7643b3475e03b31760079c833887072b7e1e3f37e661d6a8cbfabf8e0c0a44a406cd86fa964398049a6435f769cd1d28ba2e68d4495a4553af63c
SSDEEP

768:+gftzNm8Ec9TDJdKifMCqMfP/x54RdadvDS4ORRKixMlB7lZKQt+VV9:+gJHrB3KEj/f4RdcDSfR0KuBoQt8V9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d14eb3fca10c02ac59f451d825ee06c_JaffaCakes118

Files

8d14eb3fca10c02ac59f451d825ee06c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

79177f223b2efe25d35d4a882a50108c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
FindFirstChangeNotificationA
GetPrivateProfileStringA
GetCommandLineW
IsBadStringPtrA
OpenWaitableTimerA
GetThreadPriority
WriteConsoleOutputCharacterW
SetFileApisToANSI
GetCommandLineA
VirtualAlloc
GetModuleFileNameA
SetConsoleIcon
GetTimeFormatA
MoveFileExA
GetCurrentDirectoryA
OpenSemaphoreA
GetConsoleCommandHistoryLengthA
ExitProcess
GetLogicalDrives
SetFileAttributesA
GetComputerNameExA
WriteConsoleInputA
GetConsoleTitleA
GetCalendarInfoA
SetThreadUILanguage
EnumSystemLanguageGroupsA
GetConsoleWindow

wininet

HttpQueryInfoA
HttpSendRequestA
InternetOpenA
DeleteUrlCacheEntryW
InternetOpenUrlA
InternetConnectA
HttpOpenRequestA

Exports

Exports

Kctksvoxjug
GetAjdqvimn

Sections

.rtext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ