16dff24a39dfa369d73c8e684687ae5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16dff24a39dfa369d73c8e684687ae5d_JaffaCakes118
Size

64KB
MD5

16dff24a39dfa369d73c8e684687ae5d
SHA1

3637413b415c7363744e9dceade9c301ea2824e7
SHA256

a1caf89a72d4999d901a671daa1b0972ef0dde92ffa73d28eb614e7f34791c90
SHA512

9190a00666e4428d8105edc771d8330857a9e6a12448870f030a823ebd4057980e11f79d400de1cb12d254461bcb58de35d8b30f139e1ff698e7df8958a91a90
SSDEEP

1536:2vHJPb4gzclPuszCwPA2kCawela1S5RDGfH:2hPb/hw420mSRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16dff24a39dfa369d73c8e684687ae5d_JaffaCakes118

Files

16dff24a39dfa369d73c8e684687ae5d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

141172642b1388fa07cf272cfe481830

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
SetVolumeLabelA
GetComPlusPackageInstallStatus
LZStart
CopyFileExA
GetThreadPriority
GetProcessHeaps
OpenProfileUserMapping
VirtualAllocEx
RaiseException
GetConsoleKeyboardLayoutNameA
FormatMessageA
_hwrite
GetFullPathNameA
ResetEvent
GetDiskFreeSpaceA
SetEvent
GetSystemWindowsDirectoryA
WritePrivateProfileStringA
GetUserDefaultLangID
GetFileSizeEx
UnlockFileEx
GetFileAttributesExA
RaiseException
LoadResource
_lopen
HeapLock
GetModuleHandleA
GetOEMCP
OutputDebugStringA
GetProcessIoCounters

wininet

InternetQueryDataAvailable
FtpRemoveDirectoryW
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW
InternetUnlockRequestFile
InternetCrackUrlA
ResumeSuspendedDownload

Exports

Exports

InitQohfyeitee
Qrajnqd
Cmfarin
IsBtcvwygjmw
EndUqnpvwocrc
CloseMjkaunqxiy
ReadNcjycpqe
OpenUiacpuxplwg

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ