ee83fd88565a77db6a1859d098d3dde1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee83fd88565a77db6a1859d098d3dde1_JaffaCakes118
Size

308KB
MD5

ee83fd88565a77db6a1859d098d3dde1
SHA1

4ea107453ed781e465ff00742b1ccc0223095ec9
SHA256

8e15ce8f74e5141f3806b699ddc6221a51dad4dc8c3164299c6c46685cdc7fba
SHA512

a37e454b8cb3219fb39bbba979acf5fbf26b434fab3d21cf0c90def1a00c24093abad4e09892433d445882cac040908be749e6499a7e024b313df042fc51ff03
SSDEEP

6144:ED1BgbU4FuLcYNpaipPnIi2IQdoGCYnLAFRtKOV6gRxZuUhqbUqj7B:EDgbN6NRnIi2IQdfCYLoLrbXqj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee83fd88565a77db6a1859d098d3dde1_JaffaCakes118

Files

ee83fd88565a77db6a1859d098d3dde1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6eed31eeacf5b479f37314f12d17e04d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
RaiseException
GetEnvironmentVariableA
FindFirstFileA
CreateSemaphoreA
GetConsoleCursorMode
SetVDMCurrentDirectories
SetEvent
FindAtomA
GetProcessId
GetVolumeNameForVolumeMountPointA
VirtualAllocEx
GetWindowsDirectoryA
SignalObjectAndWait
lstrcmpiA
SystemTimeToTzSpecificLocalTime
GetProcessTimes
SetErrorMode
GetModuleFileNameA
HeapCompact
SetHandleInformation
ReleaseSemaphore
OpenSemaphoreA
GetFileType
TerminateThread
LoadLibraryExW
FlushViewOfFile
ResetEvent

wininet

InternetQueryDataAvailable
FtpRemoveDirectoryW
FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW
InternetGetConnectedStateExA
InternetCrackUrlA
ResumeSuspendedDownload
InternetUnlockRequestFile

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 296KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ