25874ac5bb022d3a0cee73c05aa07641_JaffaCakes118

General

Target

25874ac5bb022d3a0cee73c05aa07641_JaffaCakes118
Size

336KB
MD5

25874ac5bb022d3a0cee73c05aa07641
SHA1

7b59d0bb082dec3db7fcfacb1a371e6c0edb18e3
SHA256

672c3a6cf604dca26332b6954928d047dbf25e89e56fdb14eee416a9d04af307
SHA512

134a950721c3f91529e9eb37243ee7c75342b1d41affbb968b1509ecba73419fc034ac8d045c6008ee6c4470c99b449ebfd6edcfb2d938dca501e15b37e9e781
SSDEEP

6144:zbCYcWnnF8G7FKpG33kmz41Rdo25Oq+/s9xJyZnHg:zNcWnF8lG3/E4Bs9xJyZnHg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25874ac5bb022d3a0cee73c05aa07641_JaffaCakes118

Files

25874ac5bb022d3a0cee73c05aa07641_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e215cde80ff37ea2f380e1c4b27d28d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLogicalDrives
SearchPathA
PeekConsoleInputA
VirtualAlloc
GetNamedPipeHandleStateA
GetThreadContext
ReadConsoleInputA
GetDevicePowerState
GetStartupInfoA
DeleteTimerQueue
OpenMutexA
WriteConsoleOutputAttribute
GetShortPathNameA
GlobalDeleteAtom
GetConsoleCommandHistoryLengthA
CopyFileExA
CommConfigDialogA
IsBadHugeWritePtr
SetEvent
QueueUserAPC
SetThreadAffinityMask
lstrcatA
SetConsoleMaximumWindowSize
GetProcessHandleCount
LocalSize
VerifyVersionInfoA
WaitForMultipleObjects
GetSystemWindowsDirectoryA
ChangeTimerQueueTimer
ProcessIdToSessionId
VirtualAlloc
GetCurrentDirectoryA
GetConsoleTitleA
LocalReAlloc
EnumTimeFormatsA
DeleteTimerQueueTimer
GetLogicalDriveStringsA
GetVersion
FlushConsoleInputBuffer
GetProcessId
LocalCompact
GetEnvironmentStringsA
GetEnvironmentVariableA
CopyFileA
GetThreadSelectorEntry
GetSystemDirectoryA
GetNumberOfConsoleMouseButtons
lstrlenA
SetThreadUILanguage
OpenFileMappingA
GetDllDirectoryA
GetVolumeNameForVolumeMountPointA
SetVolumeMountPointA
SetFilePointer
GetWindowsDirectoryA
RemoveDirectoryA
GetUserDefaultUILanguage
GetFileSize
GetMailslotInfo
GetVersionExA
Process32First
GetCurrentThread
GetCommModemStatus
OpenJobObjectA
SetConsoleTitleA
WriteConsoleA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Sections

.idata
Size: - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 324KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e215cde80ff37ea2f380e1c4b27d28d6

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 64B

.text Size: 324KB - Virtual size: 328KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 64B

.text
Size: 324KB - Virtual size: 328KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB