d0ebf331d9869be6baad04c620dc1de8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ebf331d9869be6baad04c620dc1de8_JaffaCakes118
Size

68KB
MD5

d0ebf331d9869be6baad04c620dc1de8
SHA1

5d23a446272350a688724b8eab5ad9fa6e223726
SHA256

19ad88c65eb41ba753d32c7b2dd5e94ed2ffcfd4478ab142c7e1737649ba853d
SHA512

973cae91fa82ecd0fc50046aad563ddc8486cd19b1237603baa993d72939b8f9c9a4ba386d947d04ffc63684f30f50f5aba09e0d0517ebc427f8bca1730a4fc6
SSDEEP

1536:WVEQhWZ/1tD1U9XZvahc5SDqru6/83kVc13KeJroH:H9D1U9XZva0SDqrualc5K8ro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ebf331d9869be6baad04c620dc1de8_JaffaCakes118

Files

d0ebf331d9869be6baad04c620dc1de8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

97748d45254dcba94a3fa821180d78e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumSystemCodePagesA
EnumResourceTypesA
lstrcat
SetConsoleCursorMode
SetVolumeLabelA
GetProcessWorkingSetSize
GetConsoleTitleA
SetCommTimeouts
SetConsoleHardwareState
GetStdHandle
SetConsoleCP
RaiseException
GetDefaultCommConfigA
FindFirstVolumeMountPointA
HeapSummary
SetEvent
VirtualAlloc
LZCopy
WriteConsoleOutputCharacterA
EnumUILanguagesA
GetLocaleInfoA
GetProcessId
AddConsoleAliasA
ReadConsoleOutputCharacterA
GlobalSize
ResetEvent
OpenSemaphoreA

gdi32

SetViewportOrgEx

wininet

InternetGetConnectedStateExA
ResumeSuspendedDownload
FtpRemoveDirectoryW
InternetCrackUrlA
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
InternetQueryDataAvailable

Exports

Exports

Dbycqyqp
ReadSfigjdlmrjf
InitOcocuojfxj
Iwryyyfsmv
EndYnmxcrtg
Wblgbvqgxxb
SetSbyuwci
Xsrdjahi

Sections

INIT
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ