302d371864bacb0633ab41a76f842928_JaffaCakes118 | Triage

Sharing

General

Target

302d371864bacb0633ab41a76f842928_JaffaCakes118
Size

64KB
MD5

302d371864bacb0633ab41a76f842928
SHA1

72683d561d8fed4b391acb3dd02d400644bf1b79
SHA256

6ec2bb5d8b40326465f73d9c205b6f30598e14b21c563dd41f120c932ccc6eb1
SHA512

830cccda961cc0dffb732cf38a63e7c2ff7c06b7597339aeb29d7d13e300db008526fccd8d5735535b65c7f6eefe98b91b2fe0a5940c2b6c221ea62e6e5342ce
SSDEEP

1536:0Ksn4os20f98JRtcOH/zEBGo0qfmb1rGIIQzg:07n4oCfpOgGqfStIQz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302d371864bacb0633ab41a76f842928_JaffaCakes118

Files

302d371864bacb0633ab41a76f842928_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae226c3b12ae4e3a007095c966deab4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetFileInformationByHandle
GetFullPathNameA
GetVolumeInformationA
GetDevicePowerState
CloseConsoleHandle
WritePrivateProfileStringA
SetThreadUILanguage
GetEnvironmentStringsA
CreateWaitableTimerA
OpenMutexA
GetCurrentProcess
SetFileAttributesA
GetTickCount
GetCurrentThread
QueryPerformanceCounter
GetLogicalDrives
GetQueuedCompletionStatus
WriteFile
CopyFileA
GetProcAddress
lstrcat
GetCurrentProcess
ReadConsoleOutputCharacterA
LoadModule

wininet

HttpSendRequestA
InternetConnectA
FindNextUrlCacheEntryW
InternetOpenA
HttpOpenRequestA
HttpQueryInfoA
InternetOpenUrlA

Exports

Exports

Kjwcftmhpm
AddXtajreour

Sections

.rtext
Size: - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ