f922dfbbad2e2dca1946481365ffd127_JaffaCakes118

General

Target

f922dfbbad2e2dca1946481365ffd127_JaffaCakes118
Size

172KB
MD5

f922dfbbad2e2dca1946481365ffd127
SHA1

1b175c792ab5b8d2828cd8231ec2f066818d784c
SHA256

89a0034fd23544b9c3fcf15e72a2a1b6ab6f9249b4a10308a1665f63c4f1a65d
SHA512

909b8690a35b9cf04de2fcbb67a94cc6a59f01297425d336fad7b2e0edd5993aa729ffc1bcbc11591b09b8b49a89841c51a88a02cad0536c63685e32208c0631
SSDEEP

3072:dID6beMpo1HA3ptzZbMH5/t6ILqaAN4WjaLs2oI4x7ci:dIebLpo1HA5tzZSvL5q4WqoI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f922dfbbad2e2dca1946481365ffd127_JaffaCakes118

Files

f922dfbbad2e2dca1946481365ffd127_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be5a31955d6f66bee59b7a45da716f55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
GetDefaultCommConfigA
lstrcpy
GetDriveTypeA
RegisterWaitForInputIdle
ReadConsoleInputA
GetCurrentConsoleFont
LZCloseFile
GetProcessIoCounters
SetWaitableTimer
CreateNamedPipeA
LoadLibraryExA
GetComputerNameA
CloseConsoleHandle
GlobalCompact
VirtualAlloc
GlobalFindAtomA
ExitVDM
HeapDestroy
GetFileSize
SetEnvironmentVariableA
_lwrite
LoadModule
SetConsoleTitleA
SetSystemPowerState
ReadFile
IsBadStringPtrA
WriteConsoleOutputCharacterW
GetCurrencyFormatA
WritePrivateProfileStringA
GetVersion
MoveFileExA
MoveFileExW
FreeResource
GetProcessAffinityMask
GetCommandLineA
OpenWaitableTimerA
IsValidLanguageGroup
SuspendThread
BuildCommDCBAndTimeoutsW
IsValidCodePage
SetFileAttributesA
Module32First
GlobalUnfix
GlobalHandle
GetVolumeInformationA
GetCurrentDirectoryA
GetFileAttributesExA
GetExitCodeThread
ReadFileEx
SetConsoleMaximumWindowSize
SetLastError
SetFileValidData
InterlockedDecrement
PeekConsoleInputA
WriteProcessMemory
FindNextVolumeA
GetModuleFileNameA
GetPriorityClass
_lcreat
GetWindowsDirectoryA
IsSystemResumeAutomatic
SetConsoleFont
SetThreadPriorityBoost
lstrlenA
lstrcpyA
IsValidLocale
GetDateFormatA
GetProcessShutdownParameters
MultiByteToWideChar
GetThreadTimes
IsBadReadPtr
VerifyVersionInfoA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be5a31955d6f66bee59b7a45da716f55

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 1KB

.text Size: 160KB - Virtual size: 165KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.text
Size: 160KB - Virtual size: 165KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB