725e0898104f45eea6dacc1e48100dba_JaffaCakes118

General

Target

725e0898104f45eea6dacc1e48100dba_JaffaCakes118
Size

292KB
MD5

725e0898104f45eea6dacc1e48100dba
SHA1

c8a1aff7614b8de0d83a76311374a98888eef2e5
SHA256

9627c49e915278f1b66a35dd451d135d865c40cb578a51b24357f9f6f6c9b732
SHA512

4254d6cbfc4ff27b8204f334393c9399867a1f89af18130cdf1ab338f8afd08d458eeb7c14543f2d700ed995193a26e2856d40e1cd8840558c198925d191e970
SSDEEP

6144:2ATaprnoaXIL0/9jynFD+SkRajyz9JjUdR6ZCOlxj1llXS:zurOuynZnkOu9lUdRmrhT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
725e0898104f45eea6dacc1e48100dba_JaffaCakes118

Files

725e0898104f45eea6dacc1e48100dba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e965321a6a6dfd0d4789d6675bd80af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
GetCurrentThread
GetThreadSelectorEntry
GetCurrentProcess
SetFilePointer
GetStringTypeA
ReadConsoleInputA
WaitNamedPipeA
SetFirmwareEnvironmentVariableA
GetDriveTypeA
HeapSize
GetFileSizeEx
GetFileTime
SetConsoleDisplayMode
WritePrivateProfileStringA
WriteConsoleOutputA
GetFullPathNameA
GetNamedPipeInfo
GlobalUnlock
LZCopy
_hwrite
EnumSystemCodePagesA
GetVersionExA
GetConsoleOutputCP
GetVolumePathNameA
ReleaseSemaphore
CreatePipe
GetDllDirectoryA
FreeResource
IsValidCodePage
GetThreadTimes
IsBadStringPtrA
GetCPInfoExA
GetConsoleAliasExesLengthW
LZStart
lstrlenA
GetThreadPriority
Module32First
GetUserDefaultLCID
SetPriorityClass
lstrcpyn
GetCurrentThreadId
GetStdHandle
SearchPathA
GetProcessWorkingSetSize
GetCurrentDirectoryA
FindAtomA
EnumResourceLanguagesA
CreateNamedPipeA
GetLocaleInfoA
WriteConsoleA
FlushFileBuffers
OpenFileMappingA
HeapQueryInformation
_lcreat
FindFirstVolumeA
GetWindowsDirectoryA
WriteConsoleA
IsBadWritePtr
VirtualAlloc
HeapFree
GetModuleFileNameA
BuildCommDCBAndTimeoutsA
SetConsoleCursorInfo
SetConsoleCursor
GetCommProperties
CreateSocketHandle
ReleaseMutex
GetConsoleCursorMode

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 280KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e965321a6a6dfd0d4789d6675bd80af

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 2KB

.text Size: 280KB - Virtual size: 393KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 2KB

.text
Size: 280KB - Virtual size: 393KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB