85fca7848bc4a64ab6adcc22f47e2d04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85fca7848bc4a64ab6adcc22f47e2d04_JaffaCakes118
Size

10KB
MD5

85fca7848bc4a64ab6adcc22f47e2d04
SHA1

a84c3c2bca933609100652e054e6fc6f466f854f
SHA256

102858cc89eaca82d74cafc0be8f164abc47512dca02d9ef32b9acef00c9da4a
SHA512

09ea9f6c1f8f4c54e131f7100374e83caf66e21f2b61beeb770ee1ed43a0040aea73a3bab32c1b468e2d148b03d100516027f388ba74b786d1ee2f7e5a22960e
SSDEEP

192:7N1Uc/yMcA3+8j+XNd6Puj272drF+bsnGrAu2NZi2oTseqX:7NGEFp3+TNd682mwsnGR2W2oTseg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85fca7848bc4a64ab6adcc22f47e2d04_JaffaCakes118

Files

85fca7848bc4a64ab6adcc22f47e2d04_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1964adeb7789f7ff09e7472cfd3dd065

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DllInstall
FtpGetFileA
FtpPutFileEx
GetUrlCacheEntryInfoExW
FtpRenameFileA

kernel32

CopyFileA
MoveFileA
ExitThread
lstrcatA
lstrcpyA

Sections

.text
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE