a64e414a13ff6c99e8d734cfb4d438ba_JaffaCakes118

General

Target

a64e414a13ff6c99e8d734cfb4d438ba_JaffaCakes118
Size

176KB
MD5

a64e414a13ff6c99e8d734cfb4d438ba
SHA1

87b823af598b369fc1cd5a19e1deb0a51651524b
SHA256

f3367cd65153507c59d3eee013ce9cd1ca8ea9b36a78e27df9d55dc0bb8d313f
SHA512

3572bc38d86265f930b0d7455a6d66a490505393f21aa02e95485d31035b3f59b5dc1f72df2ff974ff3971950b7e9fea777c6d6cf21536427f487cad371e5709
SSDEEP

3072:SBR7TSst8M/buRrQ5xcgTJ/9L+5YhLQMzDOD874j8sdk7laWOg/:Wy1pqcSJ/gKLQMzaDu4gsa7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a64e414a13ff6c99e8d734cfb4d438ba_JaffaCakes118

Files

a64e414a13ff6c99e8d734cfb4d438ba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8b3add2f09c5dc6ba6e0b790e554e23e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetDriveTypeA
PulseEvent
GetModuleHandleA
IsBadStringPtrA
GetConsoleCommandHistoryLengthW
GetSystemDefaultUILanguage
GetWindowsDirectoryA
OpenWaitableTimerA
SetThreadExecutionState
GetFileAttributesExA
SetEvent
GetCurrentConsoleFont
GetEnvironmentVariableA
LocalHandle
SetConsoleFont
GetDiskFreeSpaceA
SetFilePointer
Heap32First
GetCurrentThread
SetVolumeLabelA
AddConsoleAliasA
SetUnhandledExceptionFilter
FindClose
IsBadCodePtr
ReadConsoleInputA
GetCurrentProcessId
MapUserPhysicalPagesScatter
SetConsoleInputExeNameA
GetExitCodeThread
SetConsoleCursor
EnumSystemGeoID
SetFilePointerEx
GetConsoleCursorInfo
UnregisterWaitEx
GetFullPathNameA
HeapDestroy
FlushConsoleInputBuffer
ProcessIdToSessionId
WriteConsoleOutputA
ClearCommError
Module32First
GetCurrentThread
WriteFileEx
RemoveDirectoryA
GlobalGetAtomNameA
GetConsoleAliasExesA
SetThreadAffinityMask
SetCommState
IsSystemResumeAutomatic
VirtualAlloc
GetSystemPowerStatus
TransmitCommChar
GetBinaryTypeA
DeleteTimerQueueTimer
FlushFileBuffers
WriteConsoleA
CreateSocketHandle
GetCommState
FindNextVolumeMountPointW
HeapDestroy
WriteConsoleOutputCharacterA
GetProfileSectionA
GetFileTime
UnlockFile

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 164KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b3add2f09c5dc6ba6e0b790e554e23e

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.text Size: - Virtual size: 2KB

.itext Size: 164KB - Virtual size: 171KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 2KB

.itext
Size: 164KB - Virtual size: 171KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB