ad808ab20c0a1e9047346e93ed127e54_JaffaCakes118 | Triage

Sharing

General

Target

ad808ab20c0a1e9047346e93ed127e54_JaffaCakes118
Size

64KB
MD5

ad808ab20c0a1e9047346e93ed127e54
SHA1

d0884e0b4d58b8c05db3b192e5966aff45a2e0e0
SHA256

d2eb30037a70c0f2e34547a518cef33803969a36842663fba48451e28a920f54
SHA512

7deb11c66ee8c672d977b6e583da175ba0dbe98b9ca8be056b9fbfa95da68bc2e152becd94e9893ab67e788fd98faff4b76a225a5c2435dc2f49d1943be6fe9b
SSDEEP

768:dKYRJa9FVGQsJsHGrydM35K5SdlFRb1I3H1tpUGdZAhNbNeX+SSheNsF9y4fVIZg:nvanQQsJIQB3CW51u/5qB3oY9Ag

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad808ab20c0a1e9047346e93ed127e54_JaffaCakes118

Files

ad808ab20c0a1e9047346e93ed127e54_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01f6f01c5fa5ee9583612e1c9ec68a94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
GetUserDefaultUILanguage
GetVersion
GetDllDirectoryA
GetCurrentProcess
GetLongPathNameA
SetSystemTime
lstrlenA
FindVolumeClose
GetModuleFileNameA
GetConsoleTitleA
ReadConsoleOutputA
UnlockFile
GetVolumePathNameA
GetEnvironmentStringsA
GetLogicalDrives
lstrcatA
WritePrivateProfileStructA
QueryPerformanceCounter
GetTickCount
HeapSize
OpenMutexA
SetFileValidData
WriteConsoleOutputCharacterA
SetConsoleCursor
EnumSystemLanguageGroupsA
VirtualAlloc
ExpandEnvironmentStringsA
GetProcAddress
Module32First
OpenProfileUserMapping
GetCurrentProcess
RemoveDirectoryA
WriteFile

wininet

InternetConnectA
HttpQueryInfoA
FindNextUrlCacheEntryW
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetOpenA

Exports

Exports

Pecvhtxdgp
EndWtabdwp

Sections

.rtext
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ