94e30c25a7f195b702e5a43fa03b32b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94e30c25a7f195b702e5a43fa03b32b6_JaffaCakes118
Size

144KB
MD5

94e30c25a7f195b702e5a43fa03b32b6
SHA1

c5a8483b7a7fecb700f8a2f65f7c95fed2c66529
SHA256

f8193fcc88c4a4104a4928c965a96efc721eb2be152b38d44741b4a5fe16748a
SHA512

72d1ea8e9ba507deed4b2e027bd41c4132aca6099d4171a3728147c26d1bbe366e82094784a818266edf578a76c8b053db5c449aac8610527ac3ac4f84f56d25
SSDEEP

3072:6oY9MrYMre0Dj5KRKUil0VSsiA29IG503exDFqBOljpAE7b:6oyIYMrJqiaoM2750SFq2jp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94e30c25a7f195b702e5a43fa03b32b6_JaffaCakes118

Files

94e30c25a7f195b702e5a43fa03b32b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c279ad4512a19c68e5f4c7129de50a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadLocale
SetThreadAffinityMask
GetTickCount
IsWow64Process
GlobalSize
WriteProfileStringA
LockResource
WriteConsoleA
GetTempPathA
SystemTimeToTzSpecificLocalTime
GetVolumePathNamesForVolumeNameA
VirtualAlloc
GetSystemWindowsDirectoryA
HeapDestroy
SetFilePointer
SetPriorityClass
GetCommModemStatus
LoadLibraryExA
OutputDebugStringA
GetCommandLineA
SetProcessWorkingSetSize
DeleteAtom
GetProcessTimes
GetConsoleAliasExesLengthA
VirtualProtect
SetConsoleCursor
ReadConsoleA
TransmitCommChar
GetVolumeInformationA
GetThreadTimes
LocalHandle
GetModuleHandleA
IsBadCodePtr
GetCurrencyFormatA
GetConsoleTitleA
SetProcessPriorityBoost
ConvertDefaultLocale
FillConsoleOutputAttribute
WriteConsoleInputA
OpenJobObjectA
GetFileSize
SetEnvironmentVariableA
CreateFileA
IsSystemResumeAutomatic
ReadConsoleOutputCharacterA
GetFileTime
QueryPerformanceFrequency
Process32First
GetPriorityClass
GetFileAttributesA
ReleaseSemaphore
FindNextVolumeMountPointA
RemoveDirectoryA
EnumResourceNamesA
GetVolumePathNameA
GetComputerNameExA
ShowConsoleCursor
GetProcessHeaps
GetVolumePathNamesForVolumeNameA
SetConsoleCursorMode
QueryInformationJobObject
GetCurrentThread
GetComputerNameA
ChangeTimerQueueTimer
FlushConsoleInputBuffer
GetProcessVersion
FlushViewOfFile
MultiByteToWideChar
LockFile
SetInformationJobObject
OpenSemaphoreA
GetTempFileNameA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Exports

Exports

Hucqmvkvmw
Boxiikkah
Peaipisjbb
Mrjscaqx
Eopvdjpmuyd
Njdximf
GetFxwbhvkriyb
WriteCnhnqxcoe

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c279ad4512a19c68e5f4c7129de50a5

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 3KB

.text Size: 132KB - Virtual size: 180KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 132KB - Virtual size: 180KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB