96e57cb20184d90461b4d4544a6f5441_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96e57cb20184d90461b4d4544a6f5441_JaffaCakes118
Size

152KB
MD5

96e57cb20184d90461b4d4544a6f5441
SHA1

769a92a0f9b9a9f644fd56c9f4f18d9c905b7d63
SHA256

8619bfe50b8bcd0016df195c72a30fd2ad3e73788bc5f2a3eccb4d20a521b7ce
SHA512

5a3e43b425530b140eba9e277fc8b50fbb398517b6f2234d441999dcc55002c05931b60125def24d19dd99366cf47b8e9b3b1767a5082b119e9ea7e9c477c83d
SSDEEP

3072:5CgM71/2MimY2iSTgoriBot8lsBGF4aLV48uWZ9ZfvYkDR6e4lOp2Yt:5892dmY2rTCo2lVtLVcWZ9Zfr0TlO4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96e57cb20184d90461b4d4544a6f5441_JaffaCakes118

Files

96e57cb20184d90461b4d4544a6f5441_JaffaCakes118
.dll windows:4 windows x86 arch:x86

feb9a7d9d728f5170db672897c12886e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommState
PurgeComm
ResetEvent
ReleaseMutex
LZOpenFileA
ReadConsoleOutputA
SetEvent
GetLocaleInfoA
UnmapViewOfFile
GetConsoleCommandHistoryLengthA
GetFileAttributesExA
DeleteTimerQueueTimer
WaitForDebugEvent
VirtualAllocEx
IsBadReadPtr
GetProcessHeap
GetCurrentDirectoryA
SetupComm
GetVersionExA
SearchPathA
RaiseException
SetEvent
WaitCommEvent
VerifyVersionInfoA
GetThreadTimes
SetThreadAffinityMask
GetConsoleCursorMode
lstrcmpiA
GetCPInfo

wininet

InternetCrackUrlA
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
InternetQueryDataAvailable
ResumeSuspendedDownload
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
FtpRemoveDirectoryW

Exports

Exports

CloseUubyjlj
Svpqisvhfbt
AddNnlovaay
Igewhaspky
OpenDtiafgepp
CreateLukewsgx
SetSxjabropoe
InitUoiwcsxjl

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ