2b3436c7e9038278246f2a2f3937d08a_JaffaCakes118

General

Target

2b3436c7e9038278246f2a2f3937d08a_JaffaCakes118
Size

336KB
MD5

2b3436c7e9038278246f2a2f3937d08a
SHA1

b75f6e262009a9113c26e1302db6f7ad643f045b
SHA256

99146ee0827beaa0d26f0d8a36b0271cfb08faeac2b21e9550bc6621b54af890
SHA512

47b817b495d21fecfaa978af49a85328d843594283155adaccead666b69c2faefd3c779a95b02aded4134f8dab4be65ee2e64b7965fe4d38ddd2145b37371145
SSDEEP

6144:3CFpcPxjawPbMzaaTjGcBkLzj/LpclLwMOPX40jirLjmAQFf2aicocRcE:SFKvMzT62kL31clsXf40J/FXicBRcE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3436c7e9038278246f2a2f3937d08a_JaffaCakes118

Files

2b3436c7e9038278246f2a2f3937d08a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d05fe1f34b84cad3433688f98932075f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleInputExeNameA
GlobalDeleteAtom
GetProcessId
LZSeek
GetEnvironmentStringsA
GlobalFlags
lstrlenA
WriteConsoleA
OpenFileMappingA
GetModuleHandleA
SetConsoleHardwareState
GetConsoleKeyboardLayoutNameA
SetThreadIdealProcessor
SetThreadPriority
GetStringTypeExA
SetLocalPrimaryComputerNameA
SetTapePosition
IsValidLocale
GetThreadTimes
GetProcessTimes
WaitForSingleObject
IsDebuggerPresent
GetFullPathNameA
ReadConsoleInputA
SetThreadAffinityMask
GetFileSizeEx
InterlockedDecrement
UpdateResourceA
LockFile
EnumResourceTypesA
lstrcmpA
ReadConsoleA
SetVolumeMountPointA
SetConsoleTextAttribute
lstrcpy
FindVolumeClose
ReadConsoleOutputAttribute
Module32Next
GetNamedPipeHandleStateA
Heap32First
TransmitCommChar
ConnectNamedPipe
FindAtomA
HeapSummary
IsBadReadPtr
SetCommTimeouts
WriteConsoleOutputAttribute
GetTapeParameters
lstrlenA
PulseEvent
GetFileType
ResetWriteWatch
GetConsoleMode
VirtualAlloc
GetSystemTime
ClearCommBreak
EnumResourceNamesA
MapUserPhysicalPagesScatter
SetCommState
FindClose
OpenWaitableTimerA
EnumResourceLanguagesA
GetPrivateProfileStringA
SetDefaultCommConfigA
HeapValidate
LocalUnlock
GetCurrentProcessId
GetEnvironmentVariableA
MoveFileExW

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 324KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d05fe1f34b84cad3433688f98932075f

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 2KB

.text Size: 324KB - Virtual size: 331KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 2KB

.text
Size: 324KB - Virtual size: 331KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB