d10b00984e670917e9464a9cf3ec22bc_JaffaCakes118

General

Target

d10b00984e670917e9464a9cf3ec22bc_JaffaCakes118
Size

336KB
MD5

d10b00984e670917e9464a9cf3ec22bc
SHA1

c033985d9be0c24d981724e9686748cbfa557f5a
SHA256

8c1aaa424948b3a0bc1ccd1a14db0fa93089bd4d24c6ed279d74f52a47d8189f
SHA512

f29ae5985fd7670b1c3e2b55f635f250b2b396b1702192ac8ddf25d56f7a24edd8732a120867a5c8a1732f03bc6abd07491472d97eaf85dda671fe392254379a
SSDEEP

6144:xfJ2a5WIkSCUHeKSPTd804bASyZ3JedmZB7+CaH8IFI1jTaWviFtMgXq3bDZx:xYPIbTQ7a58oI/aWYtAZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d10b00984e670917e9464a9cf3ec22bc_JaffaCakes118

Files

d10b00984e670917e9464a9cf3ec22bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3b11aa672a49ea2cf9a767c4e7b6336

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
lstrcat
GetSystemDirectoryA
SetFilePointer
GetModuleFileNameA
GetFullPathNameA
GetProcessHeaps
GetFileType
IsValidCodePage
GetFileAttributesExA
GetThreadPriority
GetNumberFormatA
GetWindowsDirectoryA
ResetWriteWatch
GetStdHandle
HeapDestroy
GetCurrentThread
IsValidLanguageGroup
SetComputerNameExW
OpenJobObjectA
GetProcessIoCounters
ReadConsoleOutputCharacterA
EnumResourceLanguagesA
HeapUnlock
PulseEvent
GetVDMCurrentDirectories
RemoveDirectoryA
ReadConsoleOutputAttribute
EnumSystemGeoID
FindNextVolumeMountPointA
OutputDebugStringA
WriteProfileSectionA
GetPrivateProfileIntA
SetThreadPriorityBoost
VirtualQuery
SetMailslotInfo
GetConsoleTitleA
GetCommTimeouts
WaitForMultipleObjects
GetCurrentProcessId
HeapCreate
GetFileTime
VirtualAlloc
GetCommMask
ProcessIdToSessionId
OpenMutexA
GetLocaleInfoA
GlobalMemoryStatus
GetShortPathNameA
GetComPlusPackageInstallStatus
IsBadHugeReadPtr
CancelWaitableTimer
GetCurrencyFormatA
LocalSize
SetHandleCount
GetSystemTimes
LZDone
PeekConsoleInputA
FindAtomA
FillConsoleOutputCharacterA
WriteConsoleA
WriteConsoleOutputCharacterW
ReadConsoleOutputCharacterA
ReleaseSemaphore
MoveFileWithProgressA
DeleteAtom
ShowConsoleCursor
GetBinaryTypeA
SetComputerNameA
GetVersionExA
GetDiskFreeSpaceExA
IsBadCodePtr

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.idata
Size: - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 324KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b11aa672a49ea2cf9a767c4e7b6336

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 916B

.text Size: 324KB - Virtual size: 331KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 916B

.text
Size: 324KB - Virtual size: 331KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB