876333ae60de50e00b6f0333aaffab43_JaffaCakes118

General

Target

876333ae60de50e00b6f0333aaffab43_JaffaCakes118
Size

36KB
MD5

876333ae60de50e00b6f0333aaffab43
SHA1

a4200547e6a5d26e5f6a4b50ae3619cdd951fe2f
SHA256

4b50975cba6fc690a195c2992d96c53e51d034884333fa34f8174c3e5d588efb
SHA512

558abe1f11ee9ea77f70a3cb08a8411611d51fbb7a87f2700732a497bdc236f8f9457879fb8df9e1de1ba10978ac93773e337be99509363345a8d97ca82e8c8a
SSDEEP

384:+Q/uLsF24TUqSqtBoaP9h08ZmlDXNWRVuQbyMXV1XDU8a7yahodigMcmBKD:1/hUqlB3C8i8RVT1F1z3a+godiym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
876333ae60de50e00b6f0333aaffab43_JaffaCakes118

Files

876333ae60de50e00b6f0333aaffab43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03440a8a4f98eaa14af2c3d5de52ef33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WriteFile
Sleep
CloseHandle
SetFilePointer
CreateFileA
CreateThread
WaitForSingleObject
GetModuleFileNameA
CopyFileA
lstrcmpiA
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetLastError
RtlUnwind
HeapFree
GetSystemTime
GetComputerNameA
GetModuleHandleA
GetLocalTime
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
FlushFileBuffers

user32

wsprintfA
ToAscii
GetKeyboardState
GetKeyNameTextA
GetWindowTextA
GetActiveWindow
SetTimer
TranslateMessage
SetWindowsHookExA
PeekMessageA
SetKeyboardState
GetMessageA
DispatchMessageA
UnhookWindowsHookEx
CallNextHookEx

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

wininet

FtpPutFileA
FtpSetCurrentDirectoryA
FtpCreateDirectoryA
InternetConnectA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03440a8a4f98eaa14af2c3d5de52ef33

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB