dd0b529b178629c576c3a5fc892f59be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd0b529b178629c576c3a5fc892f59be_JaffaCakes118
Size

216KB
MD5

dd0b529b178629c576c3a5fc892f59be
SHA1

45d6df45613c5aed59d5a07360d5ce75c217de9d
SHA256

9262ef959761b3a2e2da82e2dedcd6ab502e159f23c9242dc3d2731bbf18d6d3
SHA512

4b69cfc96e913c2cf0cd3f6f12833dc348cd88ca5d3ca15e13ebccd733263739c1f69fcc6f3faba9f2d3a3e909e92364f0865ac6e56e7627b5f77177e52ced67
SSDEEP

3072:ywyxMr7NtzDXOY3id09o9W92VA3KOirz4IR:2xitfXOY3a+Z92VUy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd0b529b178629c576c3a5fc892f59be_JaffaCakes118

Files

dd0b529b178629c576c3a5fc892f59be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d510d72b95396fde2f97f157eea5cb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetTickCount
GetShortPathNameA
GetProcessPriorityBoost
GetConsoleCursorInfo
GetVDMCurrentDirectories
GetTimeZoneInformation
GetVolumeInformationA
GetProcessHeaps
GetProcAddress
GetProfileIntA
GetCurrentProcess
ClearCommError
GetConsoleCursorMode
UpdateResourceA
GetFileInformationByHandle
GetCommTimeouts
HeapValidate
GetEnvironmentStringsA
SetPriorityClass
SetConsoleTitleA
GetLocalTime
FindFirstFileA
GetCurrentThreadId
GetSystemDirectoryA
VirtualQueryEx
WriteFile
WriteConsoleOutputA
GetThreadLocale
Toolhelp32ReadProcessMemory

wininet

InternetOpenA
InternetConnectA
HttpQueryInfoA
InternetOpenUrlA
HttpOpenRequestA
FindNextUrlCacheEntryW
HttpSendRequestA

Exports

Exports

Tnobtatmyoa
ReadRvtcejg

Sections

.rtext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 204KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ