94522c024338226a09aab5b967d996fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94522c024338226a09aab5b967d996fb_JaffaCakes118
Size

216KB
MD5

94522c024338226a09aab5b967d996fb
SHA1

8dab1034f91c2ec17cd9c4e79271f25292ad1856
SHA256

7ec4d5e58685060fb46e175d1e9f22e14be4e7e0ac0776089f10414bfe18da43
SHA512

39192a5e286e8d1d65577f0a3eb0a4df689e269362f689604ba612bacce178761e7b72798c64ab128b61738221af9d7df3b4feeb50f84bfba370c3717dcda020
SSDEEP

3072:BuSJEbSxHibb2j/CMvEeF7Qjyha6ztduzWpKox1Z60lP3lI:BRJEbWibC/9vE2HztduQKox1Z60lP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94522c024338226a09aab5b967d996fb_JaffaCakes118

Files

94522c024338226a09aab5b967d996fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83f1a13700c808433c1a854b868e85b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
GetComputerNameExA
GetProcessTimes
ReadConsoleOutputAttribute
SetProcessWorkingSetSize
UnlockFile
SetComputerNameA
ReleaseSemaphore
WriteFile
GetCurrentProcess
ReadConsoleOutputA
GetCommandLineA
ExpungeConsoleCommandHistoryA
VirtualAllocEx
FindFirstChangeNotificationA
lstrcmp
Process32First
GetThreadPriority
GetTickCount
ReleaseMutex
GetPrivateProfileStringA
GetLocalTime
GetProcessHandleCount
GetProcessShutdownParameters
WriteProfileStringA
GetDiskFreeSpaceA
OpenWaitableTimerA
FlushFileBuffers
LZOpenFileA
GlobalAlloc
FindFirstVolumeMountPointA
EndUpdateResourceA

wininet

DetectAutoProxyUrl
InternetCrackUrlA
InternetQueryDataAvailable
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
ResumeSuspendedDownload
InternetUnlockRequestFile

Exports

Exports

SetKavggdyjciq
Yxmdtnpvd

Sections

.rtext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 204KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ