08194ce1e097934b7e73df3815946732_JaffaCakes118

General

Target

08194ce1e097934b7e73df3815946732_JaffaCakes118
Size

256KB
MD5

08194ce1e097934b7e73df3815946732
SHA1

eb0856c3d16a584cb6cf12f433bbaed1a9b8c2b3
SHA256

1d808586a370ab7022e17630c4c246703cd45f1ebcb7c5a0cfb47cb51dff28b5
SHA512

b6de0adeaed4bc5d72f6a3391ae58497c891a55cc1b0559629786e0e4864f573011556cd2a9d606fee7d0d6728a91dae3df745488068ccbe863a04d045640006
SSDEEP

6144:eMw1taFdS0qIVS4vNP46Gd/pZIY0eEXidLM:eT1tg0IZvN4Rd/8Y06d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08194ce1e097934b7e73df3815946732_JaffaCakes118

Files

08194ce1e097934b7e73df3815946732_JaffaCakes118
.dll windows:4 windows x86 arch:x86

713f2eaf70074ac6cb99dfb2bf9359ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenFileMappingA
GetAtomNameA
SetCommState
SetThreadPriority
GetPrivateProfileStringA
InterlockedDecrement
SetCurrentDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryA
VirtualAlloc
_lclose
GetProcessId
GetProfileStringA
GetCommandLineA
GetConsoleAliasesLengthA
EnumSystemLanguageGroupsA
ReadConsoleOutputCharacterA
MoveFileExW
IsWow64Process
GetProcessPriorityBoost
SetFileAttributesA
SetProcessPriorityBoost
ClearCommBreak
SetCommBreak
WriteConsoleOutputCharacterA
SetFileAttributesA
WideCharToMultiByte
ReadConsoleA
WriteConsoleInputA
IsValidLocale
SetComputerNameExA
EnumResourceTypesA
HeapValidate
ReadConsoleOutputAttribute
GetMailslotInfo
SetConsoleCursorMode
DeleteTimerQueueTimer
GetDefaultCommConfigA
GetDiskFreeSpaceA
GetLogicalDriveStringsA
HeapDestroy
DefineDosDeviceA
GetConsoleInputExeNameA
VerifyVersionInfoA
FlushFileBuffers
GetProcessHeaps
lstrlenA
GetSystemRegistryQuota
OpenSemaphoreA
GetUserDefaultUILanguage
LocalSize
lstrcmpi
GetFileAttributesExA
GetConsoleOutputCP
GetConsoleAliasExesLengthW
WriteProcessMemory
GetEnvironmentVariableA
GetVolumePathNamesForVolumeNameA
SetPriorityClass
GetModuleHandleA
PulseEvent
WriteConsoleInputA
SetThreadExecutionState
GetTapeStatus
GetProcessWorkingSetSize
GetPriorityClass
FillConsoleOutputCharacterA
LZOpenFileA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Sections

.idata
Size: - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 244KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

713f2eaf70074ac6cb99dfb2bf9359ba

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 848B

.text Size: 244KB - Virtual size: 250KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 848B

.text
Size: 244KB - Virtual size: 250KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB