396626159a7d15e8d60a9b95ed7c62a5_JaffaCakes118

General

Target

396626159a7d15e8d60a9b95ed7c62a5_JaffaCakes118
Size

172KB
MD5

396626159a7d15e8d60a9b95ed7c62a5
SHA1

0cc9ceb7986cf623eef010aa7d16bd96cb40d5f7
SHA256

99efadbb1aaf2b57e414bf2630dd57f5fa5ff953543c5acda029ae183b2445c7
SHA512

9d373dd8811a6b9384b7c30603e40b6fef516b7ee225e2fb3a215eac1b754b20b66459b0d59ce9bac9214555aca379824b600f6aedf79bd1b3fe549d55c8e105
SSDEEP

3072:JGf6o4VHWItq7KI9VlEyWOyNcFIB0RdZiLoxYvcykePRZljXdbZ8:cfX4VHWItmt9VlEWyNcg0nGcyDPTNdbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
396626159a7d15e8d60a9b95ed7c62a5_JaffaCakes118

Files

396626159a7d15e8d60a9b95ed7c62a5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4f4096eec0b04908c36917e4cadcf332

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentVariableA
UnmapViewOfFile
ProcessIdToSessionId
UnlockFileEx
GetDllDirectoryA
GetNativeSystemInfo
PurgeComm
CompareStringA
SetCommConfig
GetFullPathNameA
WaitForDebugEvent
GetWriteWatch
QueryPerformanceCounter
SetLocaleInfoA
RemoveDirectoryA
GetProcessVersion
FindFirstChangeNotificationA
GetDiskFreeSpaceExA
GlobalUnfix
GetCurrentDirectoryA
ClearCommBreak
GetConsoleSelectionInfo
GetSystemTimes
GetSystemDirectoryA
IsBadReadPtr
WriteConsoleOutputCharacterA
OpenSemaphoreA
VirtualAlloc
ReadConsoleInputA
IsValidLocale
GetConsoleAliasesLengthW
SetHandleCount
EndUpdateResourceA
SetConsoleCP
MoveFileExA
GetSystemPowerStatus
InterlockedDecrement
FlushConsoleInputBuffer
GetLogicalDrives
lstrlenA
GetTimeFormatA
FlushViewOfFile
FileTimeToDosDateTime
SetEvent
GetCPInfo
CopyFileExA
IsBadStringPtrA
GetConsoleAliasesLengthA
ConnectNamedPipe
SetConsoleHardwareState
GetSystemWindowsDirectoryA
GetProcessWorkingSetSize
OpenThread
GetDriveTypeA
GetCommState
WriteConsoleOutputA
CreateNamedPipeA
IsSystemResumeAutomatic
SetCalendarInfoA
SetEndOfFile
DeleteTimerQueueEx
GetComPlusPackageInstallStatus
SystemTimeToTzSpecificLocalTime
ChangeTimerQueueTimer
GetWindowsDirectoryA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f4096eec0b04908c36917e4cadcf332

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 1KB

.text Size: 160KB - Virtual size: 165KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.text
Size: 160KB - Virtual size: 165KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB