65b11965b69c4e841291f9ceb86b63e7_JaffaCakes118

General

Target

65b11965b69c4e841291f9ceb86b63e7_JaffaCakes118
Size

336KB
MD5

65b11965b69c4e841291f9ceb86b63e7
SHA1

881e4d3fc73196ef77e57aab3ab69895d96b1114
SHA256

ebad779d47f58a1a940a211e8ddcbd932a9ae3ede66ae85b02b6c2871e4e54b8
SHA512

73f4238c6e447d5f51451c93bd029390456a372e445eafbdba4c55dc7685854bfbe61815cc78fd2637e58ba3d364c397ef82e7adcf5c48270bbf34648120be08
SSDEEP

6144:2R3x18qzutS2/xDo+QF9dllVlVAAJqqPGSb4YB5tz/nmME+FP:2R3n8q6Bu1Tdt/AVqVNHiMNd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65b11965b69c4e841291f9ceb86b63e7_JaffaCakes118

Files

65b11965b69c4e841291f9ceb86b63e7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a72340cbce93a0e0e79b321db13a6884

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadContext
GetPrivateProfileStringA
WriteConsoleOutputCharacterA
UnregisterWaitEx
GetMailslotInfo
ExitProcess
FlushViewOfFile
MapViewOfFileEx
FindResourceExA
OpenJobObjectA
DeleteTimerQueue
DisconnectNamedPipe
BeginUpdateResourceA
QueueUserWorkItem
WriteConsoleOutputA
GetCPInfo
WriteConsoleA
GetFileSizeEx
GetProcessHeaps
SetHandleInformation
GetCurrentProcess
MultiByteToWideChar
VirtualAlloc
GetConsoleCommandHistoryLengthW
ResetWriteWatch
GetDriveTypeA
CreateNamedPipeA
SetComputerNameA
GetFileAttributesExA
GlobalMemoryStatus
IsBadStringPtrA
GetSystemDefaultLCID
SetEvent
SetConsoleMaximumWindowSize
GetWriteWatch
CreateDirectoryExA
GetAtomNameA
GetProcessAffinityMask
UnlockFile
GlobalHandle
GetConsoleInputWaitHandle
SetThreadPriorityBoost
GetSystemWindowsDirectoryA
GetVersionExA
SetEnvironmentVariableA
GetNumberOfConsoleInputEvents
GetEnvironmentStringsA
GetProcessId
GetProcessHeap
GetFileInformationByHandle
lstrcat
IsBadStringPtrA
SetVDMCurrentDirectories
GetCurrentThread
SetFilePointer
OpenFile
VirtualAllocEx
PurgeComm
FlushConsoleInputBuffer
GetDiskFreeSpaceExA
ResetEvent
GetThreadTimes
DeleteTimerQueueEx
LocalFlags
EndUpdateResourceA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 324KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a72340cbce93a0e0e79b321db13a6884

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 3KB

.text Size: 324KB - Virtual size: 331KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 324KB - Virtual size: 331KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB