35f67aedc3460358115322baf4f393ac_JaffaCakes118 | Triage

Sharing

General

Target

35f67aedc3460358115322baf4f393ac_JaffaCakes118
Size

303KB
MD5

35f67aedc3460358115322baf4f393ac
SHA1

882f6e185440564f3efbc3187bc1280f822f35aa
SHA256

856bce6eaa40ec0e3bd0511fd739fc9f7bfb7cb4724d7195ccf6998504bac41e
SHA512

dab8329830e1fc9aa7d2479229d0f64b6430c99e19a9b87c7415b05c3c957e51384d4b5c1b9787245a34c466e7d60d663bd954e8576e76622b0a1863396bd5bd
SSDEEP

6144:VZGkgUkaLKxFZr+qPmczbnuoHP5S3gOl+L0VYKBYMFXtnRaQEoxM9lTm:K0+FA8mEbnZP5D9LVxWRa+xym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35f67aedc3460358115322baf4f393ac_JaffaCakes118

Files

35f67aedc3460358115322baf4f393ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8998459a90e796d2871a0586afcd095c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
LoadLibraryA
GetProcAddress
VirtualFree
Module32First
CreateFileA
GetEnvironmentVariableW
VirtualAlloc
Heap32ListFirst
Sleep

wininet

InternetConnectA
FtpGetCurrentDirectoryA

ole32

CoUninitialize

advapi32

RegQueryValueExA
RegQueryValueA

Sections

lKsUtGMp
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

nBlVmBON
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BjLbSOda
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ykJsFOJD
Size: 265KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE