b6bfa75f6bc9be54cf756df6eb311378_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6bfa75f6bc9be54cf756df6eb311378_JaffaCakes118
Size

68KB
MD5

b6bfa75f6bc9be54cf756df6eb311378
SHA1

b48369290fe96dd19085efcdb8d69ba814acc8bc
SHA256

e63ed2e88ff6e2855c85155aa04d0e81863f771ac93aec55583f609f524b1a09
SHA512

046e4dfef765b7a3de1497327cfc15897668290426f2c2ccdee77857f532d7148ab43d005dfc8f855a773e3b9366fa1821ef5ed503ba51121d9398ea57fc15e0
SSDEEP

768:uWLi+d7qQfEeHNtjYaSsKwUvkhamtjvjIJJZaZWR/kS5Q9Xvd5evkHTsZhbnzIUV:uEiZettj4w2yxvsJTaTvd5C8EnGJV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6bfa75f6bc9be54cf756df6eb311378_JaffaCakes118

Files

b6bfa75f6bc9be54cf756df6eb311378_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5d3bd93ad57aff64521b479d0f83af26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDateFormatA
GetFileAttributesExA
MoveFileWithProgressA
ReadConsoleInputA
ReadConsoleOutputCharacterA
lstrcmpiA
UpdateResourceA
GetCommandLineA
GetCurrentThread
CreateThread
FindCloseChangeNotification
GetProcessIoCounters
WriteConsoleInputA
GetProcessPriorityBoost
GetCurrencyFormatA
GetConsoleFontSize
GetCurrentThreadId
GetSystemWindowsDirectoryA
GetFileAttributesA
GetTimeFormatA
GetTempFileNameA
GetThreadPriorityBoost
UnlockFile
OpenProcess
GetComputerNameExA
GetLogicalDrives
IsValidLocale
FileTimeToDosDateTime
FormatMessageA
WriteConsoleOutputA
TermsrvAppInstallMode
InterlockedDecrement
VirtualAlloc
DeleteTimerQueueEx
LocalHandle
GetComputerNameA
WaitCommEvent
GetVolumeInformationA
MapViewOfFile
ReadConsoleOutputAttribute
lstrcmpA
DeleteTimerQueue
GetEnvironmentStringsA
LoadLibraryExA
QueueUserAPC
DefineDosDeviceA
GetLocaleInfoA
FindNextVolumeMountPointW
MoveFileExA
LCMapStringA
PulseEvent
LZCopy
FlushFileBuffers
GlobalCompact
Process32Next
CreateEventA
GetConsoleAliasesLengthA
OutputDebugStringA
GetModuleFileNameA
IsBadHugeWritePtr
SetEndOfFile
SetFileShortNameA
GetExitCodeThread
EnumSystemCodePagesA
GetProcessTimes
AddConsoleAliasA
lstrlenA
ResetEvent
GetFileInformationByHandle
GetVolumePathNameA
ReplaceFileA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeBeginPeriod

Exports

Exports

WriteCqpjcro
Hiubxrmqlm
GetRetgcxyadvn
GetJkglmeuiky
Vxrjepo
Yiokqmvqix
Ppvxjtbn
Vqxnmeop

Sections

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d3bd93ad57aff64521b479d0f83af26

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 2KB

.text Size: 56KB - Virtual size: 183KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.idata
Size: - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 183KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB