8e1c1811813f72b0f3c00417b32af0e2_JaffaCakes118 | Triage

Sharing

General

Target

8e1c1811813f72b0f3c00417b32af0e2_JaffaCakes118
Size

41KB
MD5

8e1c1811813f72b0f3c00417b32af0e2
SHA1

64347644852f1b8845194533f81a05f05e439862
SHA256

2efbae6770b0f4ce4fd0dcdf942d18a0001514fa00924facbbb568f94f27e77f
SHA512

c9ebaed726b2c00aa3b28145949a74a48e5d4cfa4a05c44c2bc7961a7b0fa1ae73c57aea7733f7d617fa0c0434236002358732ed97112fad9989fd363757bd23
SSDEEP

768:j3nqVzPyfTuG124pZ8sLZ++tymRyM1CTpTyna0O1iVMpQRhho6:Lgz6fCGN8PQymRxCTpTS5yOh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e1c1811813f72b0f3c00417b32af0e2_JaffaCakes118

Files

8e1c1811813f72b0f3c00417b32af0e2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

4b50f5ae4ab492ea00bcc068af20246e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetUnhandledExceptionFilter
CreateDirectoryExA
CreateSemaphoreA
VirtualAlloc
GetCompressedFileSizeA
AddConsoleAliasA
GetLogicalProcessorInformation
GetConsoleScreenBufferInfo
GetCPInfoExA
VirtualFree
GetLastError
ExitThread
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetLogicalDriveStringsA
GetDiskFreeSpaceExA

user32

CreateDialogIndirectParamA
GetKeyboardLayoutNameA
CreateWindowStationA
CloseClipboard
DefDlgProcA
DlgDirSelectExA
PostThreadMessageA
EnumDisplaySettingsExA
PostThreadMessageW
ClientThreadSetup
GetScrollInfo
AllowForegroundActivation
GetClassNameA
CopyAcceleratorTableA
GetKBCodePage

Exports

Exports

GetJhwqriqxkr
InitQdxehkkuyas
CreateMpnmlxfljw
Cwxtsjeb
ReadMhyvwwsa
Ulupiki
AddToamqrq
InitKyopaqfkrg
ReadLynaqqtfyya
Llnypsn
Obxjvvpgy
Ilpwtbua
Jlawhdg
EndAdgmjjhdt
CreateRlrbkkennj
CreateWsyebshn
Ybmornjyygs
Pieeinvuv
WriteRbcfinx
Mvfnqvi

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ