fa7135a3a6d6c1bff72add824727dd84_JaffaCakes118

General

Target

fa7135a3a6d6c1bff72add824727dd84_JaffaCakes118
Size

292KB
MD5

fa7135a3a6d6c1bff72add824727dd84
SHA1

c7cc043fa0f2edaa208dd453f7d7a4ca22cc4167
SHA256

b4b3f8defde4dfc907fdefd3a8e6c2c18302573e9a274ccc907524dab2adb488
SHA512

706b4a9cf90003235b6126fc792488de54412d9bbb2d5b9d2b94e6991bbe57573c0cac6977424e1430d6d699843bea50c9fed882abc52b8a2fa23ce1cd9cb4de
SSDEEP

6144:JG++d24MrXjcq98ZrultR+qc7d2J744HWma2SVod4FYyE7l:uKXARZWo7d2J2BEWYyE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa7135a3a6d6c1bff72add824727dd84_JaffaCakes118

Files

fa7135a3a6d6c1bff72add824727dd84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

539c0c06a751e3c5498c1fbb68c115b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
VirtualAlloc
SetFileShortNameA
GetWindowsDirectoryA
SetConsoleNumberOfCommandsA
GetConsoleTitleA
GlobalAlloc
SetInformationJobObject
OpenProcess
WriteConsoleOutputCharacterA
LocalSize
ReadConsoleA
RegisterWaitForSingleObjectEx
GetNumberFormatA
EndUpdateResourceA
LocalCompact
PulseEvent
WriteConsoleOutputA
SetFilePointer
BuildCommDCBA
CreateTimerQueue
WriteConsoleOutputCharacterW
GetDiskFreeSpaceA
FindFirstChangeNotificationA
SetThreadContext
CreateDirectoryExW
GetVersionExA
GetFileAttributesA
GetLogicalDrives
SetConsoleIcon
FindResourceA
CreateDirectoryExA
GetCurrentThread
GetConsoleWindow
GetSystemTime
DeleteTimerQueue
SetProcessPriorityBoost
GetDiskFreeSpaceExA
GetProcessHeap
_lcreat
lstrcat
GetConsoleCursorInfo
WriteConsoleA
GetProcessWorkingSetSize
GetThreadPriorityBoost
FileTimeToLocalFileTime
IsBadReadPtr
SetHandleCount
GetProfileSectionA
GetCurrentThreadId
FlushConsoleInputBuffer
TerminateJobObject
SetSystemTimeAdjustment
lstrlenA
PeekConsoleInputA
GetCurrentThread
LoadLibraryExW
SetThreadPriorityBoost
LoadResource
ReadConsoleOutputAttribute
GetExitCodeThread
SetFilePointer
GetModuleFileNameA
GetCurrentProcessId
QueryMemoryResourceNotification

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 280KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

539c0c06a751e3c5498c1fbb68c115b1

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 1KB

.text Size: 280KB - Virtual size: 392KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.text
Size: 280KB - Virtual size: 392KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB