db25e3357d174f7dd4c7d189121b8e85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db25e3357d174f7dd4c7d189121b8e85_JaffaCakes118
Size

68KB
MD5

db25e3357d174f7dd4c7d189121b8e85
SHA1

a50192fe55d5f5ae8e09c432fa8d1cb33825dca1
SHA256

c042b70df63fe67008fd24fd49506d8e14d2b4c33c7ff3451dbf819e55714fb0
SHA512

e0f30b6c541428443d10fdebe048109378cf34b684cb77baee1689e120d52290ea77060ac427e6306cf38388f4ee10a3685091d0d599596d19710fa1e8764c05
SSDEEP

1536:tjaPrp3Fsr9T77TOniHhPKe3opssj4+uL6pc9kldBkS01y:NaPrp3qp7OkhPjop/k+ufkr41

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db25e3357d174f7dd4c7d189121b8e85_JaffaCakes118

Files

db25e3357d174f7dd4c7d189121b8e85_JaffaCakes118
.dll windows:4 windows x86 arch:x86

92990a63bbded76d725fee61aae39aa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LZInit
LZOpenFileA
LCMapStringA
VirtualAllocEx
EnumSystemGeoID
ResetEvent
GetShortPathNameA
GetConsoleAliasA
ReadConsoleOutputA
GlobalAddAtomA
OpenEventA
GetNumberOfConsoleMouseButtons
FlushFileBuffers
GetSystemDirectoryA
SetEvent
GetDiskFreeSpaceA
RaiseException
SetFileAttributesA
OpenFileMappingA
Heap32Next
GetLogicalDrives
SetProcessPriorityBoost
FindFirstVolumeMountPointA
GetOverlappedResult
ClearCommBreak
ReadConsoleA
GetCurrentThread
GetVersionExA
FindAtomA
OpenMutexA
RaiseException
ReadConsoleInputA

wininet

InternetQueryDataAvailable
InternetGetConnectedStateExA
FtpRemoveDirectoryW
InternetCrackUrlA
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
FtpSetCurrentDirectoryW
ResumeSuspendedDownload

Exports

Exports

GetOgxssocbl
BeginNlstdmytlj
Bnfodvqlcij
Ykgvkllblsm
IsIbdclxhc
Cxvixbmkmss
WriteMiwbwogws
GetIdcycarug

Sections

INIT
Size: - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ