e1702b8a0dd0fd33f44a88ce650822da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1702b8a0dd0fd33f44a88ce650822da_JaffaCakes118
Size

68KB
MD5

e1702b8a0dd0fd33f44a88ce650822da
SHA1

382301a31fbd33d3df91118956aac4b357cf005e
SHA256

186fa3abccdc5932eb02d6603e499499bd283795937b675aaa9373cb6aad29db
SHA512

021dac859c01d0437b62ff7d7e4cd50c402775a4136c64b11d96e109d747b04f824bff3aeee6dd1bbe1532cd5b08a5837f93b384302c1a3c3577c2a3ccd8e9ee
SSDEEP

1536:oCKZhvThVsnKacWzTTQ1wSHuxiYwt20b1y:oLhrhVsn1bT2PHugYwt2q1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1702b8a0dd0fd33f44a88ce650822da_JaffaCakes118

Files

e1702b8a0dd0fd33f44a88ce650822da_JaffaCakes118
.dll windows:4 windows x86 arch:x86

10f6203bd87763d69d22631f83ec670b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResetEvent
RaiseException
GetPrivateProfileStructA
SetThreadContext
ReleaseMutex
SetComputerNameExW
GetConsoleOutputCP
GetThreadTimes
VirtualAllocEx
GetVolumePathNamesForVolumeNameA
OpenThread
GetLogicalDrives
GetEnvironmentStringsA
GetCurrentDirectoryA
GetSystemDirectoryA
GetProcessHeaps
OpenMutexA
GetCPInfoExA
IsValidCodePage
ReplaceFile
SetEvent
CopyFileExA
SetSystemTimeAdjustment
LocalAlloc
TermsrvAppInstallMode

wininet

FtpRemoveDirectoryW
InternetUnlockRequestFile
InternetCrackUrlA
ResumeSuspendedDownload
InternetQueryDataAvailable
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

Exports

Exports

Mryxmyxmqb
Pllwendnb
Nmwfegkxn
IsWhoxhvgqfs
WriteSdyxwfwxk
Eskeooo
ReadTclypcdcan
BeginPtfstqgfxgn

Sections

INIT
Size: - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ