c1690654ec1eda38e5ea7ed49036dad7_JaffaCakes118

General

Target

c1690654ec1eda38e5ea7ed49036dad7_JaffaCakes118
Size

152KB
MD5

c1690654ec1eda38e5ea7ed49036dad7
SHA1

53946edc901300bafb9dd81e8f1feb58f95e7eec
SHA256

0644fff715ba0b191e74deb3ab6ede8b68506675123ce13028bd895f87a43cf1
SHA512

d377ecdd1a4c9154beec28ca34d92471aec6f86b184dbaafb2839cc7b4b818a34c221c526ddd7c9718325541aaa07e9406607a8c5fab5645342af5959756e653
SSDEEP

3072:OaN/BynXXU3PJkDpxnVi5SqmaINonYcqmSrBliKD4o+ih:OaN/YXU/Jk95ViYR3XrBlJD4o+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1690654ec1eda38e5ea7ed49036dad7_JaffaCakes118

Files

c1690654ec1eda38e5ea7ed49036dad7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

438f684e04cbf14f75cce6bdcc533054

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputAttribute
SetCurrentDirectoryA
GetProfileIntA
GetConsoleSelectionInfo
GetCurrentDirectoryA
TerminateThread
WriteProfileStringA
GetDriveTypeA
GetThreadPriority
LocalCompact
FindVolumeMountPointClose
IsBadWritePtr
CreateFileMappingW
GetThreadTimes
GetStringTypeExW
CreateFileMappingA
IsBadStringPtrA
FindFirstFileExW
FindResourceExA
GetNumberOfConsoleInputEvents
GetMailslotInfo
SetHandleInformation
OpenEventA
ClearCommBreak
InterlockedDecrement
IsValidCodePage
IsValidLocale
ReleaseMutex
HeapValidate
WriteConsoleInputA
_llseek
ReadConsoleInputA
SearchPathA
WaitNamedPipeA
GetCPInfoExA
GetProcessHeaps
LoadLibraryExW
Process32First
SetLastConsoleEventActive
GetCompressedFileSizeA
GetExitCodeThread
GetSystemWindowsDirectoryA
ReadConsoleOutputCharacterA
LZClose
VirtualAlloc
GetStartupInfoA
GetExpandedNameA
WriteProfileSectionA
OpenSemaphoreA
GetSystemTime
FreeEnvironmentStringsA
VerifyVersionInfoA
GlobalUnfix
ReleaseMutex
UnlockFile
ReplaceFileA
FillConsoleOutputCharacterA
GetLogicalDriveStringsA
SetConsoleIcon
GetFileAttributesA
GetSystemInfo
HeapLock
GetSystemPowerStatus
lstrlenA
CreateMutexA
IsBadCodePtr
GetProfileStringA
WriteConsoleA
GetComputerNameA
WaitForDebugEvent

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

438f684e04cbf14f75cce6bdcc533054

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 3KB

.text Size: 140KB - Virtual size: 493KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 140KB - Virtual size: 493KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB