41030fac19a44dbe6e903dc706f0298e_JaffaCakes118

General

Target

41030fac19a44dbe6e903dc706f0298e_JaffaCakes118
Size

36KB
MD5

41030fac19a44dbe6e903dc706f0298e
SHA1

39b24f30b01ca7beb9d7d87edb4d9f21373f859a
SHA256

a0eae6dd420d8ae258e0cc8a4300a93ed2d25e30dc8839b7c497648b1ca991ee
SHA512

42f7d6c2e8aae53bd0575541e480eeb7e63d2a86f35c4bf98ebc38983dcff6d546472998c4e4d43cd8f0c7d09b59c4673a22fab4b535d7390e790b6dfb725276
SSDEEP

384:oVsRP5sNv6FyqXoRgTRySTyTaYHcImlAg0UmrfmIFJBcD7MxynCClA4:nG2r46RyDTaYbUmvJBcD7uClA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41030fac19a44dbe6e903dc706f0298e_JaffaCakes118

Files

41030fac19a44dbe6e903dc706f0298e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3874e83847d1b98145f189598784d35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
FindClose
FindNextFileA
FindFirstFileA
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
GetLogicalDrives
GetModuleFileNameA
GetComputerNameA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
DeleteFileA
lstrlenA
GetCPInfo
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
GetStringTypeW

user32

wsprintfA
FindWindowA
RegisterClassExA
LoadCursorA
UpdateWindow
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow

advapi32

GetUserNameA

wininet

FtpSetCurrentDirectoryA
FtpCreateDirectoryA
InternetConnectA
InternetOpenA
FtpPutFileA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3874e83847d1b98145f189598784d35

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB