8e3eee8837ade6698c71cbb52fb3845c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e3eee8837ade6698c71cbb52fb3845c_JaffaCakes118
Size

68KB
MD5

8e3eee8837ade6698c71cbb52fb3845c
SHA1

e14cafab09ee612eaa4a58a211c0a632d323172a
SHA256

c8b5454faaf5130ca72094027dbbfa61f28ebba4e3dfc2a09025fb5d4afdefb8
SHA512

71636006bfd580b3383d4220096144b3d04b5d68c848e4246a11e8d8271c203976c3e73b6b636933d07a007377f304b9af7820fef0629233becb0500ff59066b
SSDEEP

1536:1ZZkzADyBcF8dsKM8xskW8uxN8nCUK3lhqVR1y:1ZZyBcF8ZMoUhInCUKeD1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e3eee8837ade6698c71cbb52fb3845c_JaffaCakes118

Files

8e3eee8837ade6698c71cbb52fb3845c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c88a41e5c8fc617495241e5c1687b4d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessShutdownParameters
SetStdHandle
GetEnvironmentVariableA
GetVolumeInformationA
GetConsoleFontSize
FlushConsoleInputBuffer
WriteProcessMemory
GetComputerNameA
IsSystemResumeAutomatic
ReadConsoleA
WriteConsoleOutputCharacterA
RegisterWaitForSingleObjectEx
LocalLock
OpenThread
Toolhelp32ReadProcessMemory
VirtualAllocEx
ResetEvent
RaiseException
PeekNamedPipe
GetDiskFreeSpaceExA
FindFirstChangeNotificationA
SetEvent
GetCurrentDirectoryA
FlushViewOfFile
SetLocalTime
WriteConsoleOutputCharacterW
GetFileSize
GetFullPathNameA

wininet

InternetUnlockRequestFile
InternetCrackUrlA
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
ResumeSuspendedDownload

Exports

Exports

Shclfuvs
Kwfufdfsk
Iojqpcvee
Juqamwkcirc
Sgotfjtjhma
Yarmywmkvr
ReadIafbmpfo
Vmklgcfgmj

Sections

INIT
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ