f71d718454da3ddde12e6767e906c62f_JaffaCakes118

General

Target

f71d718454da3ddde12e6767e906c62f_JaffaCakes118
Size

172KB
MD5

f71d718454da3ddde12e6767e906c62f
SHA1

87a3b288e39cbd9375775e0f1744f89bbd7f586c
SHA256

bbfab17cda2fae4de54f2cad1a61305e98baa046a41f75704e1bc43a46d330de
SHA512

1ee47f4002e601e0696c082afebe90bde7179eebeec6377fdadfc8fd15b22db79e15535adc6ceccb1bae8d0c4101cc11720640f7118af8d1386fab13aa588eaf
SSDEEP

3072:baEN5Nmvh2URAF/9soPx0sA+xYepCbmVVb0F0p3C9f95yHl:5NjiBARCs8OdVK0pyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f71d718454da3ddde12e6767e906c62f_JaffaCakes118

Files

f71d718454da3ddde12e6767e906c62f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e75d9639dc9b013309ddabaf5f550cb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFileA
GetCommMask
SetStdHandle
HeapFree
EnumSystemLocalesA
MultiByteToWideChar
GetStringTypeA
VirtualAlloc
GetTempPathA
CreateDirectoryExW
GetDriveTypeA
ReadConsoleOutputAttribute
RaiseException
GetWindowsDirectoryA
SetConsoleCursorInfo
_llseek
GetSystemDefaultLCID
GetSystemTimes
OpenThread
GetVersion
GetSystemWindowsDirectoryA
GetShortPathNameA
FileTimeToLocalFileTime
WriteConsoleOutputCharacterA
GetCurrentThread
LoadResource
GetOverlappedResult
WriteFileEx
GetModuleFileNameA
GetDateFormatA
WaitForMultipleObjects
GetBinaryTypeA
WriteConsoleA
GetCalendarInfoA
EnumResourceNamesA
GetVolumePathNameA
VirtualLock
IsValidCodePage
GetCommState
OutputDebugStringA
SetVolumeMountPointA
GetThreadPriorityBoost
CreateFileMappingA
WriteProcessMemory
GetVolumeInformationA
SetVDMCurrentDirectories
FindFirstFileExA
SleepEx
GetSystemRegistryQuota
MoveFileExA
GetDllDirectoryA
FindNextFileA
GetPrivateProfileSectionNamesW
IsBadCodePtr
LocalHandle
SetFilePointer
CloseConsoleHandle
GetLocaleInfoA
FindAtomA
SetFilePointer
lstrcpynA
IsSystemResumeAutomatic
GetCurrencyFormatA
EndUpdateResourceA
GetProfileSectionA
ReleaseMutex
HeapDestroy
_lcreat
GetExitCodeProcess
Toolhelp32ReadProcessMemory

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 160KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e75d9639dc9b013309ddabaf5f550cb0

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.text Size: - Virtual size: 2KB

.itext Size: 160KB - Virtual size: 167KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 2KB

.itext
Size: 160KB - Virtual size: 167KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB