dba19cd48144b18241249e0131cb7eaa_JaffaCakes118

General

Target

dba19cd48144b18241249e0131cb7eaa_JaffaCakes118
Size

61KB
MD5

dba19cd48144b18241249e0131cb7eaa
SHA1

19c6dda265a0c9ba035e20ad07b796d245170904
SHA256

452535c5f738c19fe7dc433ad5b52047e3e8bd5a1ed324204dc5485ded05a7f4
SHA512

0b128699e47890cacec9bdad7f91e693c5a2ec94105eb3aac3731a08c0001f37029679a6fba49588867209436a2eb86825a8c08bda589545bd8057545bc65926
SSDEEP

384:vhQ1RgVNHTLDSohncZsdmlDEkT+3cWic9dHGQy9Ap4vrsQ9K7pRynshlQsI4bxDS:fNzLD7cG3x9HQKu9Kplk4bBSGQn7d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dba19cd48144b18241249e0131cb7eaa_JaffaCakes118

Files

dba19cd48144b18241249e0131cb7eaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab45bd48b4568426250e1ea4ca90c5b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleFileNameA
lstrcatA
lstrcpyA
FindClose
FindNextFileA
lstrcmpiA
FindFirstFileA
GetLogicalDrives
GetComputerNameA
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
LoadLibraryA
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetProcAddress
ReadFile
CreateFileA
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
lstrlenA
CloseHandle
WriteFile
HeapCreate
HeapDestroy
FreeEnvironmentStringsW
SetFilePointer
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
FlushFileBuffers
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle

user32

FindWindowA
DefWindowProcA
ShowWindow
PostQuitMessage
CreateWindowExA
RegisterClassExA
UpdateWindow
LoadCursorA
wsprintfA

wininet

InternetOpenA
InternetConnectA
FtpCreateDirectoryA
FtpSetCurrentDirectoryA
FtpPutFileA

Sections

Xnwc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab45bd48b4568426250e1ea4ca90c5b6

Headers

File Characteristics

Imports

kernel32

user32

wininet

Sections

Xnwc Size: 48KB - Virtual size: 48KB

.rsrc Size: 11KB - Virtual size: 12KB

.avc Size: 1KB - Virtual size: 4KB

Xnwc
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 11KB - Virtual size: 12KB

.avc
Size: 1KB - Virtual size: 4KB