a2e8f4b35c340185c49ea5ccad033a10_JaffaCakes118

General

Target

a2e8f4b35c340185c49ea5ccad033a10_JaffaCakes118
Size

268KB
MD5

a2e8f4b35c340185c49ea5ccad033a10
SHA1

bdcc84d33dc410f0b71795f1f8489e095a374c4d
SHA256

e775e569b7ef984ce6f8835569a773cd304ddbd322f7d389f1a224f3753a02c9
SHA512

2e3b99b1ef897ee6ffd3c76e562ffb92a82df63e4934c36fbccf00e9cc55ef27fc05294151da3199cb9a4e003175c0a055af3c672f962689df5b5ea9b45059e8
SSDEEP

6144:Z2fjxjeLWxg8k7CGHsaDx6JYI/44PXfD/uum7WsXMTC:Z2bxjZm5HRDx2YI/4SPD/uumS9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2e8f4b35c340185c49ea5ccad033a10_JaffaCakes118

Files

a2e8f4b35c340185c49ea5ccad033a10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

817b2cfe9bb7b70c9e9576be3754f6d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisconnectNamedPipe
IsBadStringPtrA
GetFileAttributesExA
GetCommState
lstrcat
GetFullPathNameA
ExpandEnvironmentStringsA
ChangeTimerQueueTimer
HeapFree
SetFilePointer
GetCurrentProcess
IsSystemResumeAutomatic
PurgeComm
GlobalWire
ReleaseSemaphore
GetFileSizeEx
OpenFileMappingA
GetLocaleInfoA
_lcreat
WriteProcessMemory
FindResourceExA
VirtualAlloc
SetDllDirectoryA
GetProcessWorkingSetSize
IsValidCodePage
GetWindowsDirectoryA
SetThreadPriority
GetCalendarInfoA
SetLocaleInfoA
QueueUserWorkItem
FlushConsoleInputBuffer
GetDevicePowerState
GetThreadTimes
SetComputerNameExW
GetVolumePathNameA
lstrcpynA
CopyFileExW
LocalAlloc
EnumUILanguagesA
lstrlenA
GetProcessAffinityMask
WriteFileEx
GetConsoleInputExeNameA
GetConsoleOutputCP
UpdateResourceA
CancelWaitableTimer
OpenWaitableTimerA
ClearCommError
FlushFileBuffers
EnumResourceTypesA
GetProcessHandleCount
CreateSemaphoreA
GetSystemTime
GetCommModemStatus
ProcessIdToSessionId
InterlockedDecrement
SetLocalTime
UnlockFileEx
GetFileAttributesExA
RemoveDirectoryA
FindResourceA
GetEnvironmentVariableA
WaitNamedPipeA
lstrcmpiA
CancelTimerQueueTimer
GetCurrentThread
GetCurrentDirectoryA
GetDefaultCommConfigA
QueryDosDeviceA
IsValidLocale
HeapUnlock
LZCopy
_lclose

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 256KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

817b2cfe9bb7b70c9e9576be3754f6d9

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 3KB

.text Size: 256KB - Virtual size: 262KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 256KB - Virtual size: 262KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB