6459a18b8de0f50d91e0d2b9a412ebd2_JaffaCakes118

General

Target

6459a18b8de0f50d91e0d2b9a412ebd2_JaffaCakes118
Size

292KB
MD5

6459a18b8de0f50d91e0d2b9a412ebd2
SHA1

564ba479f651c34ef6ed88814b9dfa47632c1d05
SHA256

6cbb3c98745915fc5a1b69e27c9ce3bd1aafe1dd293bbb2766d46ac96ec70ac1
SHA512

4a02c465f2df55741cfdd521715f66347488f6a058b562a375861ebef949a721ac5c36e9edb9c148cd4f5246570ba54af4fad86e64234db24f69a73c0c9bf99a
SSDEEP

6144:UEuaH3usQ/bAB+PkJXk1ZGb2AI3iLkA+:xN+sQ/bDPiz2z3uk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6459a18b8de0f50d91e0d2b9a412ebd2_JaffaCakes118

Files

6459a18b8de0f50d91e0d2b9a412ebd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a4798c0493970fede79ef574db86159

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDllDirectoryA
GetConsoleCursorMode
GetPrivateProfileIntA
IsBadHugeWritePtr
IsBadWritePtr
GetTempPathA
SetVolumeMountPointA
GetVersionExA
GetCommTimeouts
GetFileInformationByHandle
ReadFile
GlobalLock
GetDateFormatA
GetCurrentThread
OpenSemaphoreA
GetCommModemStatus
EnumTimeFormatsA
GetNumberFormatA
GetTempFileNameA
LockFileEx
RemoveDirectoryA
GetEnvironmentVariableA
GetProcessTimes
GetCommTimeouts
GetLocalTime
FindFirstChangeNotificationA
SetTapeParameters
RegisterWaitForSingleObject
lstrcpy
GetCommMask
ReadConsoleOutputCharacterA
SetVDMCurrentDirectories
VirtualAlloc
GetTimeZoneInformation
LocalSize
FileTimeToDosDateTime
SetFilePointer
SetCommTimeouts
LocalReAlloc
lstrcatA
GetConsoleAliasesLengthW
WriteConsoleA
OpenProfileUserMapping
FindAtomA
PulseEvent
LockFile
ChangeTimerQueueTimer
OpenWaitableTimerA
VirtualAlloc
GetWindowsDirectoryA
GetCommState
IsProcessorFeaturePresent
Process32Next
SetFilePointer
GetLogicalDrives
BuildCommDCBAndTimeoutsA
GetUserDefaultLCID
ReadConsoleA
CancelWaitableTimer
GetProcessHeap
GetConsoleAliasesA
ProcessIdToSessionId
WriteConsoleOutputCharacterA
GetEnvironmentStringsA
GetSystemTime
SetConsoleWindowInfo
FindFirstFileExA
GetSystemInfo
ClearCommError
GetEnvironmentStringsA
GetSystemWindowsDirectoryA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 280KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a4798c0493970fede79ef574db86159

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 3KB

.text Size: 280KB - Virtual size: 388KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 280KB - Virtual size: 388KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB