b2248ad2bafcabfde395cf8a9ab5c7a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2248ad2bafcabfde395cf8a9ab5c7a7_JaffaCakes118
Size

308KB
MD5

b2248ad2bafcabfde395cf8a9ab5c7a7
SHA1

c617ecee3438fcc9f37c9e050682dd6492beeace
SHA256

4b7bcccb2d988455436f73bcce7ada44350a89db4d816d41b3cbd3357a04081a
SHA512

66a50f4c33bca9908e1a7f48d51f0d65eb8376f13c56af7029b5abb25eb42221ac995d1c4c50e394364f05547b16d563358a8a2a01e1c04a403ca683e0730bea
SSDEEP

6144:ZycTLRbh4L8I+kE21hM7ocXEWJ755mlPqXqpJq7t0fYzQirYm3rJy:4cXRyT1cj7zWS6pJq7t0fyDsmJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2248ad2bafcabfde395cf8a9ab5c7a7_JaffaCakes118

Files

b2248ad2bafcabfde395cf8a9ab5c7a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62741b819c6d2ad98bd7ffe1c509d3af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
Process32Next
GlobalMemoryStatus
HeapSummary
GetEnvironmentStringsA
SetHandleCount
SetProcessPriorityBoost
VirtualUnlock
SetEvent
WriteConsoleOutputCharacterA
GetTempFileNameA
RaiseException
GetNativeSystemInfo
UpdateResourceA
GetCurrentThreadId
FlushViewOfFile
DeleteTimerQueueTimer
SetEnvironmentVariableA
SetConsoleInputExeNameA
GetSystemWindowsDirectoryA
HeapSize
ProcessIdToSessionId
PeekConsoleInputA
Heap32ListNext
ResetEvent
GetDefaultCommConfigA
ResetEvent
GetCPInfoExA
SetThreadPriority
OpenSemaphoreA
UnlockFileEx

wininet

InternetCrackUrlA
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
InternetGetConnectedStateExA
ResumeSuspendedDownload
FtpRemoveDirectoryW
InternetUnlockRequestFile
FtpSetCurrentDirectoryW

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 296KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ