e1de673e239490ffe0aeb11eeaa5cf37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1de673e239490ffe0aeb11eeaa5cf37_JaffaCakes118
Size

64KB
MD5

e1de673e239490ffe0aeb11eeaa5cf37
SHA1

b672f705c748981db83ecf73c66813dfebf09bc3
SHA256

2e13b81b1662ff16b2b92a8f4fe710f7a17a46d8b1fa74c30a6721a362d9113f
SHA512

8a45baef8c21b27cc604a8db4ec7491ec27bbfb843bb3055f3e4e60428cd8c9cea75e0366d4e5b404dafee5a1825013c138fffac487e20397c04e2cb440fa5da
SSDEEP

768:OBwAZX3G0o4cqjb+1oH+NTmiXL9tOrogfV01McToK89GV1RogS3QKzoMdIjntvXo:hy3fjYm8LaV01DTz8cuJJeRcmdds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1de673e239490ffe0aeb11eeaa5cf37_JaffaCakes118

Files

e1de673e239490ffe0aeb11eeaa5cf37_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4f9b5e390ff98d66989131f72782cfad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetDllDirectoryA
GetConsoleCursorMode
GetCurrentDirectoryA
WriteConsoleOutputCharacterA
GetVersionExA
ReadConsoleOutputCharacterA
OpenEventA
GetSystemTime
CreateSocketHandle
TerminateProcess
GetFullPathNameA
GetConsoleWindow
GetCommandLineA
GetDllDirectoryA
GetCurrentProcess
GetProcessVersion
GetConsoleKeyboardLayoutNameA
CreateWaitableTimerA
GetProcessIoCounters
SetComputerNameA
GetDiskFreeSpaceExA
RegisterWaitForInputIdle
QueueUserAPC
CreateFileMappingA
VirtualAlloc
GetNumberOfConsoleInputEvents
RaiseException
GetConsoleAliasesLengthA
GetFileAttributesExA
BeginUpdateResourceA
SetHandleInformation
FindFirstVolumeMountPointW

gdi32

SetViewportOrgEx

shell32

SHGetSpecialFolderPathA

winmm

timeBeginPeriod
timeGetTime

Exports

Exports

Pmwhcshyca
Jshnvgj
InitDcrqpjgd
AddJvvjvbabl
Nvefiip
Tsovwgdgn
IsFqjsmfa
IsFofkqxlqanj

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ