f50fa3b176ac4a269ca3b28ae24d09a2_JaffaCakes118

General

Target

f50fa3b176ac4a269ca3b28ae24d09a2_JaffaCakes118
Size

264KB
MD5

f50fa3b176ac4a269ca3b28ae24d09a2
SHA1

6d8c81bc7477910d104f155f670f14890d90dbf5
SHA256

827ab7b6f1e2888ad9a1b9f9665bb099cd7a4a06dedc23c7e05c2d4b2e360103
SHA512

e3949e490b12273c9413d5f977942d96e2b61bf98ad6af78d7edb03c63bc9f96e65f27ee3a4c021496e55bed873a9e31cf1e1f16c0797a000ac0c7cff76b7c19
SSDEEP

6144:Umfg2QbroZXmRUPK/wwzUyHwHlDi/2dTlpAa5oTHzPrQz5lusdLqwlSyVZMb:rfg24j/bzUyHwHgITlp55oTHzPravusO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f50fa3b176ac4a269ca3b28ae24d09a2_JaffaCakes118

Files

f50fa3b176ac4a269ca3b28ae24d09a2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

86a753170fd590694bf736eacfb3a7a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCPInfoExA
EndUpdateResourceA
WriteConsoleOutputAttribute
FatalExit
RegisterWaitForSingleObject
GetSystemTimes
EnumSystemCodePagesA
GetModuleFileNameA
GetModuleHandleA
MapUserPhysicalPages
InterlockedDecrement
IsValidLocale
SetHandleInformation
CreateWaitableTimerA
GetProcessHeaps
GetExpandedNameA
Process32First
GetThreadLocale
HeapSummary
OpenThread
ReadConsoleInputA
GetVolumePathNamesForVolumeNameA
GetFullPathNameA
VirtualAlloc
GetThreadPriorityBoost
GetCurrentConsoleFont
GetConsoleAliasesA
WriteConsoleInputA
DuplicateConsoleHandle
IsValidLanguageGroup
GetVersion
GetDiskFreeSpaceExA
SetPriorityClass
GetProcessId
EnumResourceNamesA
DeleteTimerQueueEx
SetTapeParameters
IsValidCodePage
UnlockFile
TerminateThread
GetFileSize
GetComputerNameA
GetDllDirectoryA
SignalObjectAndWait
lstrlenA
WriteConsoleOutputCharacterW
WritePrivateProfileStringA
ReadFileScatter
SetThreadAffinityMask
LoadLibraryA
CreateNamedPipeA
ReadConsoleA
GetFileAttributesExA
PeekConsoleInputA
HeapFree
IsBadHugeWritePtr
GetTickCount
GlobalFindAtomA
GetEnvironmentStringsA
ReadConsoleOutputAttribute
WriteFileEx
GetShortPathNameA
UpdateResourceA
IsDebuggerPresent
GetVolumePathNameA
AddAtomA
OpenMutexA
WriteConsoleOutputA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 252KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86a753170fd590694bf736eacfb3a7a9

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 1KB

.text Size: 252KB - Virtual size: 258KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.text
Size: 252KB - Virtual size: 258KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB