53d35b75fdee391a73daa037bfb1b04a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53d35b75fdee391a73daa037bfb1b04a_JaffaCakes118
Size

64KB
MD5

53d35b75fdee391a73daa037bfb1b04a
SHA1

e414910e712ce6eed9bc4b41fc3441f68a6e6521
SHA256

7a824fea635a1d99e71465d97f63114910236e246117a3dede1913fb13d405d4
SHA512

e20c0b33aa2957fd5dc2733c0cc4c4ab9ebd413397846228aaac007729613f83b0285d79cf4a0fbfc68b1a62d19e69b8cb4c301cf1c55072724c2eba4cda473d
SSDEEP

1536:mp9F0JTYXEtotT8Z95Tsn380CVMx1CO29N:mp4JMXEsTSQs0Ci1CR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53d35b75fdee391a73daa037bfb1b04a_JaffaCakes118

Files

53d35b75fdee391a73daa037bfb1b04a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

53e25c125affd399c1f6f9bdd61f509a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleTitleA
LoadLibraryA
GetCalendarInfoA
GetDefaultCommConfigA
GlobalMemoryStatus
GetExitCodeThread
FindFirstVolumeMountPointA
UnregisterWaitEx
lstrcpynA
GetTickCount
GetComputerNameA
GetConsoleAliasExesLengthW
TermsrvAppInstallMode
RemoveDirectoryA
UnlockFileEx
GetCurrentProcessId
RegisterWaitForInputIdle
VirtualProtectEx
SetTimeZoneInformation
lstrcpyn
SetThreadLocale
LZCloseFile
SetEvent
GetSystemTime
GetThreadPriorityBoost
GetSystemDefaultUILanguage
WriteFile
FlushFileBuffers
HeapReAlloc
VirtualAllocEx
GetEnvironmentVariableA
GetCurrentProcess
WriteConsoleOutputCharacterA

wininet

ResumeSuspendedDownload
InternetCrackUrlA
InternetQueryDataAvailable
DetectAutoProxyUrl
InternetUnlockRequestFile
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW

Exports

Exports

Kaicxqqi
Yvxhqojfcuk

Sections

.rtext
Size: - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ