d1eff3ed72d56ff6d90fdb6907a87bbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1eff3ed72d56ff6d90fdb6907a87bbd_JaffaCakes118
Size

98KB
MD5

d1eff3ed72d56ff6d90fdb6907a87bbd
SHA1

43823bba9e27d4cd01f57edc1334d8cd142eefc3
SHA256

2b27f7bbb838aea5dd29f7b94fa925f253482f4f6211412d0d5c744013ee4eca
SHA512

9d5d3c9dea6fe30729c8d8d529fe4138f1946a38ad2c8bdbd96cce5ef6f8ad693423bf85f2382f53d5d3280553407fb546e840cb5d05f9c6d9304a7bf87056e0
SSDEEP

3072:/iE1jiFx8p+OWl+bjcILxaOGDPNXxhsgppttc:qggxB/pdOGDPNXxXRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1eff3ed72d56ff6d90fdb6907a87bbd_JaffaCakes118

Files

d1eff3ed72d56ff6d90fdb6907a87bbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbf9af0d8369698c09ef9cf94c9bacdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessTimes
GetVolumeNameForVolumeMountPointA
DeleteVolumeMountPointA
GetVolumePathNameA
DefineDosDeviceA
VirtualAlloc

gdi32

ChoosePixelFormat
GetDeviceCaps

dhcpsapi

DhcpDeleteServer

Exports

Exports

Txbsuidch
Guqthngtjb
Rvlkwepv
Ldlcpulg
CreateGenycakpo
Xuwxvwgvks
GetAkijinx
SetXnjafjpwwhy
Uvinewkx
ReadQtjstarlhq
WriteNrcgonqy
Nsuljay

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE