b4bf60b7b2f85b81d11e5be6228ad886_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4bf60b7b2f85b81d11e5be6228ad886_JaffaCakes118
Size

132KB
MD5

b4bf60b7b2f85b81d11e5be6228ad886
SHA1

d60bc6d469d9340e7e669b0ca70031a06cc8c083
SHA256

c162329ecf7f1b6a03ac42979231e300ec1bf274a7a047dfdad0ef7253796332
SHA512

281ca0e956b5029ed4280b1e846544544a6ed62d8568304d4314599a22ca5bd5643a228803ae2a574ec478ce410c46b44b32f8612cbd2c7060e6cf82cccf7fdf
SSDEEP

3072:dmPFWdlCflntap83pW3BuX/UNf4pBlvdBt3ewYy:y6WNo83pWGBt/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4bf60b7b2f85b81d11e5be6228ad886_JaffaCakes118

Files

b4bf60b7b2f85b81d11e5be6228ad886_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0bbbec8c2adc1cbc9ba236f788238b3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasesLengthW
ProcessIdToSessionId
ExitProcess
GetLogicalDrives
CreateMutexA
GetCPInfoExA
SuspendThread
BuildCommDCBAndTimeoutsW
SetEvent
VirtualAllocEx
CreateWaitableTimerA
GetStringTypeExA
SetHandleInformation
GetDiskFreeSpaceA
CompareStringA
GetVolumePathNameA
SetVolumeMountPointA
HeapAlloc
ExitProcess
SignalObjectAndWait
SleepEx
FindFirstVolumeA
GetConsoleWindow

Exports

Exports

OpenIkpmpqfkh
Knbvlxjbh
OpenNogbbadcyi
IsIasmxlnpq
CloseDjtmywm
Fwvisismc
InitSqswiattnq
Uudnwds
Bhctmprk
ReadSbvegrtqjtd
Uknxomcwnc
Urjxfmsvjox
EndYymgofxsph
IsRphfdhkkamc
Endgagyo
WriteEltfvvng
WriteEpvninyloch
CreateJvkdvvipap
Fhxhwkyxiy
Bwtspal

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ