e09f64f579bffe797dcc7378e96ceadb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e09f64f579bffe797dcc7378e96ceadb_JaffaCakes118
Size

144KB
MD5

e09f64f579bffe797dcc7378e96ceadb
SHA1

64fb9d07c680d64ebe732174ffe2fd88eac01ad4
SHA256

c8a3885b4814e60b9c8f32cb7b48dd2bb31e093a44f84d20221a2306eeb6fa1c
SHA512

286d56bcd93867ca9534b69e3a5cb2fb0ad246c085cf798b2ff4e06a6c49c303d646c3f15ce9ea1cc4cedf9e5f12be342264f68c31e835eba88d176474f6328f
SSDEEP

3072:uNKfqiWk97dLRwbFQSyfVHPlVCi3bV79XM3O8SF3nO9RYMP2PAtVLgU+1Rs:usfqi797dFRX9VCi3R79Xx8K38tP2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e09f64f579bffe797dcc7378e96ceadb_JaffaCakes118

Files

e09f64f579bffe797dcc7378e96ceadb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

31314ae48ec5a1ea8be78bf21623ce2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
WriteConsoleA
SetComputerNameA
GetDiskFreeSpaceA
SetFilePointer
SetWaitableTimer
HeapFree
GetCommandLineA
SetCalendarInfoA
GetTimeFormatA
GetProcessIoCounters
DeleteFileA
GetVolumeInformationA
GetConsoleMode
IsValidLanguageGroup
SetFilePointerEx
GetPriorityClass
LoadModule
GetPrivateProfileSectionNamesA
GetStdHandle
IsBadStringPtrA
GetLogicalDriveStringsA
LocalShrink
GetConsoleCommandHistoryLengthA
WritePrivateProfileStringA
OpenJobObjectA
GetCurrentConsoleFont
GetThreadTimes
SuspendThread
SetThreadLocale
OpenEventA
SetEnvironmentVariableA
CreateFileA
RemoveDirectoryA
WriteConsoleOutputCharacterA
GetCurrentDirectoryA
GetWindowsDirectoryA
BuildCommDCBAndTimeoutsA
WriteConsoleOutputA
GetVersionExA
DeleteTimerQueue
GetProcessHeaps
SetCommBreak
VirtualAlloc
SetLocalTime
FindFirstVolumeA
GetUserDefaultUILanguage
WriteProcessMemory
OpenSemaphoreA
GetSystemTimes
GetVDMCurrentDirectories
DuplicateConsoleHandle
GetModuleFileNameA
GetSystemDefaultLangID
GetThreadSelectorEntry
lstrlenA
DuplicateHandle
GetComPlusPackageInstallStatus
GetConsoleScreenBufferInfo
GetCurrentThread
GetCommState
ConnectNamedPipe
FindNextChangeNotification
Module32Next
ClearCommError
FindNextFileA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Exports

Exports

Ekvnfvpxksi
IsIedkgsbktmj
InitUbeonmcdj
Rqqyluympos
AddPxqxxguj
Fdxulxoy
BeginQfochud
Vicqypuiw

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31314ae48ec5a1ea8be78bf21623ce2d

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 3KB

.text Size: 132KB - Virtual size: 180KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 132KB - Virtual size: 180KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB