cfaefd2e51c3535821a154a1a812cff9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfaefd2e51c3535821a154a1a812cff9_JaffaCakes118
Size

64KB
MD5

cfaefd2e51c3535821a154a1a812cff9
SHA1

1ba778e1ff7ce6bc1d4ab3175d42d6fa97196ab3
SHA256

3d40854cc630e8e501c5448c755bdb849bb26ecf6b52e8d388719230910cd11f
SHA512

b086badaa54d52654a44d4b95fe7b441aefea8612a2f8491f477c2b45a9b4ba344a3efd9b8919285b210a70af6dd439015e0e7be4c73b0f548fb8a06542cf265
SSDEEP

1536:tybOsy0pyJXQtY61kHbIMunLUYqPf0TYUYnJp:tmS2yJAtB1kkMWLWPcTYUYnJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfaefd2e51c3535821a154a1a812cff9_JaffaCakes118

Files

cfaefd2e51c3535821a154a1a812cff9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47dd824b3a603f3ab4e761a480e8e4a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetEnvironmentStringsA
EnumSystemLanguageGroupsA
GlobalGetAtomNameA
VirtualAlloc
Module32First
GetLocaleInfoW
GetLogicalDriveStringsA
OpenMutexA
SetProcessWorkingSetSize
GetFullPathNameA
SetFileShortNameA
GetModuleHandleA
GetModuleFileNameA
ReadConsoleA
CreateWaitableTimerA
GetEnvironmentVariableA
GetConsoleCursorInfo
PeekConsoleInputA
GetCommandLineA
SetLastConsoleEventActive
SetDefaultCommConfigA
SetInformationJobObject
GetProfileStringA
GetThreadContext
SetLocaleInfoA
OpenFileMappingA

shell32

SHGetSpecialFolderPathA

mpr

WNetGetConnectionA

winmm

timeGetTime
timeBeginPeriod

Exports

Exports

ReadMgbrqioho
GetQafreuemv
Knbniftlvon
Odindfpnliv
Gmwrvwcrau
Nnqbjnwivh
Phvjsyyvtp
ReadVmsdtugki

Sections

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ